./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3596525406

<...>
Warning: Permanently added '10.128.15.212' (ED25519) to the list of known hosts.
execve("./syz-executor3596525406", ["./syz-executor3596525406"], 0x7ffc1e4a9d40 /* 10 vars */) = 0
brk(NULL)                               = 0x555561d54000
brk(0x555561d54d40)                     = 0x555561d54d40
arch_prctl(ARCH_SET_FS, 0x555561d543c0) = 0
set_tid_address(0x555561d54690)         = 5829
set_robust_list(0x555561d546a0, 24)     = 0
rseq(0x555561d54ce0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3596525406", 4096) = 28
getrandom("\x1e\x4f\x2e\x25\x7d\x7e\x2f\x30", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555561d54d40
brk(0x555561d75d40)                     = 0x555561d75d40
brk(0x555561d76000)                     = 0x555561d76000
mprotect(0x7f4341e72000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
mkdir("./syzkaller.MxSSHt", 0700)       = 0
chmod("./syzkaller.MxSSHt", 0777)       = 0
chdir("./syzkaller.MxSSHt")             = 0
mkdir("./0", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = -1 ENXIO (No such device or address)
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached
 <unfinished ...>
[pid  5830] set_robust_list(0x555561d546a0, 24) = 0
[pid  5830] chdir("./0" <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5830
[pid  5830] <... chdir resumed>)        = 0
[pid  5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5830] setpgid(0, 0)               = 0
[pid  5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5830] write(3, "1000", 4)         = 4
[pid  5830] close(3)                    = 0
[pid  5830] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5830] write(1, "executing program\n", 18executing program
) = 18
[pid  5830] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5830] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5830] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5830] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5830] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5830] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5832 attached
 <unfinished ...>
[pid  5832] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5830] <... clone3 resumed> => {parent_tid=[5832]}, 88) = 5832
[pid  5832] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5830] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5832] <... set_robust_list resumed>) = 0
[pid  5830] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5832] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5830] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5832] mkdir(NULL, 000 <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5832] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5830] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5832] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5830] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5832] <... futex resumed>)        = 0
[pid  5832] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5830] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5832] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5832] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5830] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5832] <... memfd_create resumed>) = 3
[pid  5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5832] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5832] munmap(0x7f4339800000, 138412032) = 0
[pid  5832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5832] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5832] close(3)                    = 0
[pid  5832] close(4)                    = 0
[pid  5832] mkdir("./file7", 0777)      = 0
[pid  5832] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5832] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5832] chdir("./file7")            = 0
[pid  5832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5832] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5832] <... futex resumed>)        = 1
[pid  5830] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5832] mkdir(".", 0777 <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5832] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5830] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5832] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5830] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5830] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5830] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5833 attached
 <unfinished ...>
[pid  5833] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5830] <... clone3 resumed> => {parent_tid=[5833]}, 88) = 5833
[pid  5833] <... rseq resumed>)         = 0
[pid  5830] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5833] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5830] <... rt_sigprocmask resumed>NULL, 8) = 0
[   91.261105][ T5832] loop0: detected capacity change from 0 to 32768
[pid  5833] <... set_robust_list resumed>) = 0
[pid  5830] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5833] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5830] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5833] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5833] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5832] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5833] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5832] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5833] <... futex resumed>)        = 1
[pid  5832] <... futex resumed>)        = 0
[pid  5833] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5832] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5830] <... futex resumed>)        = 0
[pid  5830] exit_group(0 <unfinished ...>
[pid  5833] <... futex resumed>)        = ?
[pid  5832] <... futex resumed>)        = ?
[pid  5830] <... exit_group resumed>)   = ?
[pid  5833] +++ exited with 0 +++
[pid  5832] +++ exited with 0 +++
[pid  5830] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} ---
[   91.323399][ T5832] syz-executor359: attempt to access beyond end of device
[   91.323399][ T5832] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   91.337440][ T5832] lbmIODone: I/O error in JFS log
[   91.343041][ T5832] *** Log Format Error ! ***
[   91.349049][ T5832] lmLogInit: exit(-22)
[   91.353217][ T5832] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs")                  = 0
umount2("./0/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./0/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./0")                            = 0
mkdir("./1", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5834 attached
, child_tidptr=0x555561d54690) = 5834
[pid  5834] set_robust_list(0x555561d546a0, 24) = 0
[pid  5834] chdir("./1")                = 0
[pid  5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5834] setpgid(0, 0)               = 0
[pid  5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5834] write(3, "1000", 4)         = 4
[pid  5834] close(3)                    = 0
[pid  5834] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5834] write(1, "executing program\n", 18) = 18
[pid  5834] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5834] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5834] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5835 attached
 <unfinished ...>
[pid  5835] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5834] <... clone3 resumed> => {parent_tid=[5835]}, 88) = 5835
[pid  5835] <... rseq resumed>)         = 0
[pid  5834] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5835] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5834] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5835] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5834] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5835] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5834] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5835] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5835] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5834] <... futex resumed>)        = 0
[pid  5835] <... futex resumed>)        = 1
[pid  5834] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5835] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5834] <... futex resumed>)        = 0
[pid  5834] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5835] <... memfd_create resumed>) = 3
[pid  5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[   91.897902][ T1652] cfg80211: failed to load regulatory.db
[pid  5835] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5835] munmap(0x7f4339800000, 138412032) = 0
[pid  5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5835] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5835] close(3)                    = 0
[pid  5835] close(4)                    = 0
[pid  5835] mkdir("./file7", 0777)      = 0
[pid  5835] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5835] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5835] chdir("./file7")            = 0
[pid  5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5835] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5834] <... futex resumed>)        = 0
[pid  5835] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5834] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5835] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5834] <... futex resumed>)        = 0
[pid  5834] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   92.148825][ T5835] loop0: detected capacity change from 0 to 32768
[pid  5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5835] mkdir(".", 0777 <unfinished ...>
[pid  5834] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid  5835] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5834] <... mprotect resumed>)     = 0
[pid  5835] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5836 attached
 => {parent_tid=[5836]}, 88) = 5836
[pid  5836] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5834] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5836] <... rseq resumed>)         = 0
[pid  5834] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5836] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5834] <... futex resumed>)        = 0
[pid  5836] <... set_robust_list resumed>) = 0
[pid  5834] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5836] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5836] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5836] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5834] <... futex resumed>)        = 0
[pid  5836] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5835] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5835] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5835] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5834] exit_group(0 <unfinished ...>
[pid  5836] <... futex resumed>)        = ?
[pid  5836] +++ exited with 0 +++
[pid  5834] <... exit_group resumed>)   = ?
[pid  5835] <... futex resumed>)        = ?
[pid  5835] +++ exited with 0 +++
[pid  5834] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   92.218002][ T5835] syz-executor359: attempt to access beyond end of device
[   92.218002][ T5835] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   92.233984][ T5835] lbmIODone: I/O error in JFS log
[   92.239426][ T5835] *** Log Format Error ! ***
[   92.244666][ T5835] lmLogInit: exit(-22)
[   92.248854][ T5835] lmLogOpen: exit(-22)
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs")                  = 0
umount2("./1/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./1/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./1")                            = 0
mkdir("./2", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555561d54690) = 5837
./strace-static-x86_64: Process 5837 attached
[pid  5837] set_robust_list(0x555561d546a0, 24) = 0
[pid  5837] chdir("./2")                = 0
[pid  5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5837] setpgid(0, 0)               = 0
[pid  5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5837] write(3, "1000", 4)         = 4
[pid  5837] close(3)                    = 0
[pid  5837] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5837] write(1, "executing program\n", 18) = 18
[pid  5837] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5837] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5837] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5838 attached
 => {parent_tid=[5838]}, 88) = 5838
[pid  5838] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5837] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5838] <... rseq resumed>)         = 0
[pid  5837] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5838] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5837] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5838] <... set_robust_list resumed>) = 0
[pid  5838] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5837] <... futex resumed>)        = 0
[pid  5838] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5837] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5838] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5838] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5837] <... futex resumed>)        = 0
[pid  5838] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5837] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5838] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5837] <... futex resumed>)        = 0
[pid  5837] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5838] memfd_create("syzkaller", 0) = 3
[pid  5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5838] munmap(0x7f4339800000, 138412032) = 0
[pid  5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5838] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5838] close(3)                    = 0
[pid  5838] close(4)                    = 0
[pid  5838] mkdir("./file7", 0777)      = 0
[pid  5838] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5838] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5838] chdir("./file7")            = 0
[   93.051282][ T5838] loop0: detected capacity change from 0 to 32768
[pid  5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5838] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5837] <... futex resumed>)        = 0
[pid  5838] mkdir(".", 0777 <unfinished ...>
[pid  5837] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5838] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5837] <... futex resumed>)        = 0
[pid  5837] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5838] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5837] <... futex resumed>)        = 0
[pid  5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5837] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5839 attached
 => {parent_tid=[5839]}, 88) = 5839
[pid  5839] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5837] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5839] <... rseq resumed>)         = 0
[pid  5837] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5839] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5837] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5839] <... set_robust_list resumed>) = 0
[pid  5837] <... futex resumed>)        = 0
[pid  5839] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5837] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5839] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5839] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5838] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5837] <... futex resumed>)        = 0
[pid  5839] <... futex resumed>)        = 1
[pid  5838] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5839] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5837] exit_group(0 <unfinished ...>
[pid  5838] <... futex resumed>)        = 0
[pid  5839] <... futex resumed>)        = ?
[pid  5837] <... exit_group resumed>)   = ?
[pid  5839] +++ exited with 0 +++
[pid  5838] +++ exited with 0 +++
[pid  5837] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   93.147349][ T5838] syz-executor359: attempt to access beyond end of device
[   93.147349][ T5838] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   93.161572][ T5838] lbmIODone: I/O error in JFS log
[   93.167018][ T5838] *** Log Format Error ! ***
[   93.172018][ T5838] lmLogInit: exit(-22)
[   93.176160][ T5838] lmLogOpen: exit(-22)
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs")                  = 0
umount2("./2/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./2/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./2")                            = 0
mkdir("./3", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached
, child_tidptr=0x555561d54690) = 5840
[pid  5840] set_robust_list(0x555561d546a0, 24) = 0
[pid  5840] chdir("./3")                = 0
[pid  5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5840] setpgid(0, 0)               = 0
[pid  5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1000", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5840] write(1, "executing program\n", 18executing program
) = 18
[pid  5840] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5840] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5840] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5841 attached
 <unfinished ...>
[pid  5841] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5841] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5840] <... clone3 resumed> => {parent_tid=[5841]}, 88) = 5841
[pid  5841] <... set_robust_list resumed>) = 0
[pid  5840] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5841] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5840] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5841] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5841] mkdir(NULL, 000 <unfinished ...>
[pid  5840] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5840] <... futex resumed>)        = 0
[pid  5841] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5840] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... futex resumed>)        = 0
[pid  5840] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5841] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5840] <... futex resumed>)        = 0
[pid  5841] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5840] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... memfd_create resumed>) = 3
[pid  5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5841] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5841] munmap(0x7f4339800000, 138412032) = 0
[pid  5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5841] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5841] close(3)                    = 0
[pid  5841] close(4)                    = 0
[pid  5841] mkdir("./file7", 0777)      = 0
[pid  5841] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5841] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5841] chdir("./file7")            = 0
[pid  5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5841] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[   93.930480][ T5841] loop0: detected capacity change from 0 to 32768
[pid  5840] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] mkdir(".", 0777 <unfinished ...>
[pid  5840] <... futex resumed>)        = 0
[pid  5841] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5841] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5840] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5840] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5842 attached
 <unfinished ...>
[pid  5842] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5840] <... clone3 resumed> => {parent_tid=[5842]}, 88) = 5842
[pid  5842] <... rseq resumed>)         = 0
[pid  5840] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5842] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5840] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5842] <... set_robust_list resumed>) = 0
[pid  5840] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5842] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5840] <... futex resumed>)        = 0
[pid  5842] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5840] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5842] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5842] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[pid  5842] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5841] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5841] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5841] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] exit_group(0 <unfinished ...>
[pid  5842] <... futex resumed>)        = ?
[pid  5841] <... futex resumed>)        = ?
[pid  5840] <... exit_group resumed>)   = ?
[pid  5842] +++ exited with 0 +++
[pid  5841] +++ exited with 0 +++
[pid  5840] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} ---
[   93.998983][ T5841] syz-executor359: attempt to access beyond end of device
[   93.998983][ T5841] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   94.012593][ T5841] lbmIODone: I/O error in JFS log
[   94.018710][ T5841] *** Log Format Error ! ***
[   94.023838][ T5841] lmLogInit: exit(-22)
[   94.028682][ T5841] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs")                  = 0
umount2("./3/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./3/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./3")                            = 0
mkdir("./4", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5843 attached
, child_tidptr=0x555561d54690) = 5843
[pid  5843] set_robust_list(0x555561d546a0, 24) = 0
[pid  5843] chdir("./4")                = 0
[pid  5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5843] setpgid(0, 0)               = 0
[pid  5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5843] write(3, "1000", 4)         = 4
[pid  5843] close(3)                    = 0
[pid  5843] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5843] write(1, "executing program\n", 18) = 18
[pid  5843] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5843] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5843] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5843] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5844 attached
 <unfinished ...>
[pid  5844] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5843] <... clone3 resumed> => {parent_tid=[5844]}, 88) = 5844
[pid  5844] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5843] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5844] <... set_robust_list resumed>) = 0
[pid  5843] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5844] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5843] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5844] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5843] <... futex resumed>)        = 0
[pid  5844] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5843] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5844] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5843] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5844] <... futex resumed>)        = 0
[pid  5843] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5844] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5843] <... futex resumed>)        = 0
[pid  5843] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5844] <... memfd_create resumed>) = 3
[pid  5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5844] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5844] munmap(0x7f4339800000, 138412032) = 0
[pid  5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5844] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5844] close(3)                    = 0
[pid  5844] close(4)                    = 0
[pid  5844] mkdir("./file7", 0777)      = 0
[pid  5844] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5844] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5844] chdir("./file7")            = 0
[pid  5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5844] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5843] <... futex resumed>)        = 0
[pid  5844] mkdir(".", 0777 <unfinished ...>
[pid  5843] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5844] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5843] <... futex resumed>)        = 0
[pid  5844] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5843] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   94.796385][ T5844] loop0: detected capacity change from 0 to 32768
[pid  5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5843] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} <unfinished ...>
[pid  5844] <... mount resumed>)        = -1 EINVAL (Invalid argument)
./strace-static-x86_64: Process 5845 attached
[pid  5844] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5844] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5845] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5843] <... clone3 resumed> => {parent_tid=[5845]}, 88) = 5845
[pid  5845] <... rseq resumed>)         = 0
[pid  5843] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5845] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5843] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5845] <... set_robust_list resumed>) = 0
[pid  5843] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5845] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5843] <... futex resumed>)        = 0
[pid  5845] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5843] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5845] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5845] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5843] <... futex resumed>)        = 0
[pid  5845] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5843] exit_group(0 <unfinished ...>
[pid  5845] <... futex resumed>)        = ?
[pid  5844] <... futex resumed>)        = ?
[pid  5843] <... exit_group resumed>)   = ?
[pid  5845] +++ exited with 0 +++
[pid  5844] +++ exited with 0 +++
[pid  5843] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   94.850366][ T5844] syz-executor359: attempt to access beyond end of device
[   94.850366][ T5844] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   94.863921][ T5844] lbmIODone: I/O error in JFS log
[   94.870556][ T5844] *** Log Format Error ! ***
[   94.876032][ T5844] lmLogInit: exit(-22)
[   94.880475][ T5844] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs")                  = 0
umount2("./4/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./4/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./4")                            = 0
mkdir("./5", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached
 <unfinished ...>
[pid  5846] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5846
[pid  5846] <... set_robust_list resumed>) = 0
[pid  5846] chdir("./5")                = 0
[pid  5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5846] setpgid(0, 0)               = 0
[pid  5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5846] write(3, "1000", 4)         = 4
[pid  5846] close(3)                    = 0
[pid  5846] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5846] write(1, "executing program\n", 18) = 18
[pid  5846] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5846] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5846] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5846] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5846] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5847 attached
 <unfinished ...>
[pid  5847] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5846] <... clone3 resumed> => {parent_tid=[5847]}, 88) = 5847
[pid  5847] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5846] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5847] <... set_robust_list resumed>) = 0
[pid  5846] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5847] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5846] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5847] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5846] <... futex resumed>)        = 0
[pid  5847] mkdir(NULL, 000 <unfinished ...>
[pid  5846] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5847] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5847] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5846] <... futex resumed>)        = 0
[pid  5847] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5846] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5847] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5846] <... futex resumed>)        = 0
[pid  5847] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5846] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5847] <... memfd_create resumed>) = 3
[pid  5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5847] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5847] munmap(0x7f4339800000, 138412032) = 0
[pid  5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5847] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5847] close(3)                    = 0
[pid  5847] close(4)                    = 0
[pid  5847] mkdir("./file7", 0777)      = 0
[pid  5847] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5847] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5847] chdir("./file7")            = 0
[pid  5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5847] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5846] <... futex resumed>)        = 0
[pid  5847] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5846] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[   95.717643][ T5847] loop0: detected capacity change from 0 to 32768
[pid  5846] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5847] mkdir(".", 0777 <unfinished ...>
[pid  5846] <... futex resumed>)        = 0
[pid  5847] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5847] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5846] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5846] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5846] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5848 attached
 <unfinished ...>
[pid  5848] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5848] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5846] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848
[pid  5848] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5846] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5848] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5846] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5848] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5846] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5848] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5846] <... futex resumed>)        = 0
[pid  5846] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5848] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5848] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5847] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5848] <... futex resumed>)        = 1
[pid  5846] <... futex resumed>)        = 0
[pid  5848] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5847] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5847] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5846] exit_group(0 <unfinished ...>
[pid  5848] <... futex resumed>)        = ?
[pid  5847] <... futex resumed>)        = ?
[pid  5846] <... exit_group resumed>)   = ?
[pid  5848] +++ exited with 0 +++
[pid  5847] +++ exited with 0 +++
[pid  5846] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   95.790364][ T5847] syz-executor359: attempt to access beyond end of device
[   95.790364][ T5847] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   95.806632][ T5847] lbmIODone: I/O error in JFS log
[   95.811791][ T5847] *** Log Format Error ! ***
[   95.818629][ T5847] lmLogInit: exit(-22)
[   95.822764][ T5847] lmLogOpen: exit(-22)
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs")                  = 0
umount2("./5/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./5/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./5")                            = 0
mkdir("./6", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5849 attached
, child_tidptr=0x555561d54690) = 5849
[pid  5849] set_robust_list(0x555561d546a0, 24) = 0
[pid  5849] chdir("./6")                = 0
[pid  5849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5849] setpgid(0, 0)               = 0
[pid  5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5849] write(3, "1000", 4)         = 4
[pid  5849] close(3)                    = 0
[pid  5849] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5849] write(1, "executing program\n", 18executing program
) = 18
[pid  5849] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5849] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5849] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5849] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5849] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5849] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5850 attached
 <unfinished ...>
[pid  5850] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5849] <... clone3 resumed> => {parent_tid=[5850]}, 88) = 5850
[pid  5850] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5849] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5850] <... set_robust_list resumed>) = 0
[pid  5849] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5850] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5849] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5850] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5849] <... futex resumed>)        = 0
[pid  5850] mkdir(NULL, 000 <unfinished ...>
[pid  5849] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5850] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5850] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5850] <... futex resumed>)        = 1
[pid  5849] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5850] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5849] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5850] <... memfd_create resumed>) = 3
[pid  5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5850] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5850] munmap(0x7f4339800000, 138412032) = 0
[pid  5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5850] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5850] close(3)                    = 0
[pid  5850] close(4)                    = 0
[pid  5850] mkdir("./file7", 0777)      = 0
[pid  5850] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5850] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[   96.601393][ T5850] loop0: detected capacity change from 0 to 32768
[pid  5850] chdir("./file7")            = 0
[pid  5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5850] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5850] <... futex resumed>)        = 1
[pid  5849] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5850] mkdir(".", 0777 <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5850] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5849] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5850] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5849] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5849] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5849] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5851 attached
 <unfinished ...>
[pid  5851] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5849] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851
[pid  5851] <... rseq resumed>)         = 0
[pid  5849] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5851] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5849] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5851] <... set_robust_list resumed>) = 0
[pid  5849] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5851] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5851] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5849] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5851] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5851] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5851] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5849] <... futex resumed>)        = 0
[pid  5850] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5850] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5850] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5849] exit_group(0 <unfinished ...>
[pid  5851] <... futex resumed>)        = ?
[pid  5850] <... futex resumed>)        = ?
[pid  5849] <... exit_group resumed>)   = ?
[pid  5851] +++ exited with 0 +++
[pid  5850] +++ exited with 0 +++
[pid  5849] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=19 /* 0.19 s */} ---
[   96.684765][ T5850] syz-executor359: attempt to access beyond end of device
[   96.684765][ T5850] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   96.698732][ T5850] lbmIODone: I/O error in JFS log
[   96.703961][ T5850] *** Log Format Error ! ***
[   96.709589][ T5850] lmLogInit: exit(-22)
[   96.713774][ T5850] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs")                  = 0
umount2("./6/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./6/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./6")                            = 0
mkdir("./7", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached
, child_tidptr=0x555561d54690) = 5852
[pid  5852] set_robust_list(0x555561d546a0, 24) = 0
[pid  5852] chdir("./7")                = 0
[pid  5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5852] setpgid(0, 0)               = 0
[pid  5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5852] write(3, "1000", 4)         = 4
[pid  5852] close(3)                    = 0
[pid  5852] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5852] write(1, "executing program\n", 18executing program
) = 18
[pid  5852] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5852] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5852] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5852] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5853 attached
 <unfinished ...>
[pid  5853] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5852] <... clone3 resumed> => {parent_tid=[5853]}, 88) = 5853
[pid  5853] <... rseq resumed>)         = 0
[pid  5853] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5852] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5853] <... set_robust_list resumed>) = 0
[pid  5852] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5853] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5852] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] mkdir(NULL, 000 <unfinished ...>
[pid  5852] <... futex resumed>)        = 0
[pid  5853] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5853] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5852] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5853] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5852] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5852] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] <... futex resumed>)        = 0
[pid  5852] <... futex resumed>)        = 1
[pid  5852] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5853] memfd_create("syzkaller", 0) = 3
[pid  5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5853] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5853] munmap(0x7f4339800000, 138412032) = 0
[pid  5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5853] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5853] close(3)                    = 0
[pid  5853] close(4)                    = 0
[pid  5853] mkdir("./file7", 0777)      = 0
[pid  5853] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5853] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5853] chdir("./file7")            = 0
[   97.442964][ T5853] loop0: detected capacity change from 0 to 32768
[pid  5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5853] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5852] <... futex resumed>)        = 0
[pid  5852] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5852] <... futex resumed>)        = 0
[pid  5853] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5852] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5852] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5854 attached
 <unfinished ...>
[pid  5854] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5854] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5852] <... clone3 resumed> => {parent_tid=[5854]}, 88) = 5854
[pid  5854] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5852] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5854] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5852] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5854] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5853] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5852] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5854] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5853] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5852] <... futex resumed>)        = 0
[pid  5853] <... futex resumed>)        = 0
[pid  5854] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5852] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5853] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5854] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5854] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5852] <... futex resumed>)        = 0
[pid  5854] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5852] exit_group(0 <unfinished ...>
[pid  5854] <... futex resumed>)        = ?
[pid  5853] <... futex resumed>)        = ?
[pid  5852] <... exit_group resumed>)   = ?
[pid  5854] +++ exited with 0 +++
[pid  5853] +++ exited with 0 +++
[pid  5852] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=23 /* 0.23 s */} ---
[   97.548616][ T5853] syz-executor359: attempt to access beyond end of device
[   97.548616][ T5853] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   97.564118][ T5853] lbmIODone: I/O error in JFS log
[   97.569981][ T5853] *** Log Format Error ! ***
[   97.576065][ T5853] lmLogInit: exit(-22)
[   97.580805][ T5853] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs")                  = 0
umount2("./7/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./7/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./7")                            = 0
mkdir("./8", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached
 <unfinished ...>
[pid  5855] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5855
[pid  5855] <... set_robust_list resumed>) = 0
[pid  5855] chdir("./8")                = 0
[pid  5855] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5855] setpgid(0, 0)               = 0
[pid  5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5855] write(3, "1000", 4)         = 4
[pid  5855] close(3)                    = 0
[pid  5855] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5855] write(1, "executing program\n", 18executing program
) = 18
[pid  5855] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5855] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5855] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5855] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5855] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5855] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5856 attached
 => {parent_tid=[5856]}, 88) = 5856
[pid  5855] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5856] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5855] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5856] <... rseq resumed>)         = 0
[pid  5855] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5856] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5855] <... futex resumed>)        = 0
[pid  5856] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5855] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5856] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5856] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5856] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5855] <... futex resumed>)        = 0
[pid  5856] <... futex resumed>)        = 1
[pid  5855] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5855] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5856] memfd_create("syzkaller", 0) = 3
[pid  5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5856] munmap(0x7f4339800000, 138412032) = 0
[pid  5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5856] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5856] close(3)                    = 0
[pid  5856] close(4)                    = 0
[pid  5856] mkdir("./file7", 0777)      = 0
[pid  5856] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5856] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[   98.403141][ T5856] loop0: detected capacity change from 0 to 32768
[pid  5856] chdir("./file7")            = 0
[pid  5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5856] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5855] <... futex resumed>)        = 0
[pid  5855] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5856] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5856] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5855] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5855] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5855] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5855] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5857 attached
 <unfinished ...>
[pid  5857] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5855] <... clone3 resumed> => {parent_tid=[5857]}, 88) = 5857
[pid  5857] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5855] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5857] <... set_robust_list resumed>) = 0
[pid  5855] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5857] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5855] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5857] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5855] <... futex resumed>)        = 0
[pid  5857] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5855] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5857] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5857] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5856] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5855] <... futex resumed>)        = 0
[pid  5857] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5856] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5856] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5855] exit_group(0 <unfinished ...>
[pid  5856] <... futex resumed>)        = ?
[pid  5857] <... futex resumed>)        = ?
[pid  5856] +++ exited with 0 +++
[pid  5855] <... exit_group resumed>)   = ?
[pid  5857] +++ exited with 0 +++
[pid  5855] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   98.480840][ T5856] syz-executor359: attempt to access beyond end of device
[   98.480840][ T5856] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   98.494298][ T5856] lbmIODone: I/O error in JFS log
[   98.499978][ T5856] *** Log Format Error ! ***
[   98.505228][ T5856] lmLogInit: exit(-22)
[   98.510171][ T5856] lmLogOpen: exit(-22)
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs")                  = 0
umount2("./8/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./8/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./8")                            = 0
mkdir("./9", 0777)                      = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5858 attached
, child_tidptr=0x555561d54690) = 5858
[pid  5858] set_robust_list(0x555561d546a0, 24) = 0
[pid  5858] chdir("./9")                = 0
[pid  5858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5858] setpgid(0, 0)               = 0
[pid  5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5858] write(3, "1000", 4)         = 4
[pid  5858] close(3)                    = 0
[pid  5858] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5858] write(1, "executing program\n", 18executing program
) = 18
[pid  5858] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5858] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5858] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5858] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5858] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5858] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5858] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5859 attached
 <unfinished ...>
[pid  5859] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5858] <... clone3 resumed> => {parent_tid=[5859]}, 88) = 5859
[pid  5859] <... rseq resumed>)         = 0
[pid  5859] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5858] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5859] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5858] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5859] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5858] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5859] mkdir(NULL, 000 <unfinished ...>
[pid  5858] <... futex resumed>)        = 0
[pid  5859] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5859] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5858] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5859] <... futex resumed>)        = 0
[pid  5858] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5859] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5858] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5859] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5858] <... futex resumed>)        = 0
[pid  5858] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5859] memfd_create("syzkaller", 0) = 3
[pid  5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5859] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5859] munmap(0x7f4339800000, 138412032) = 0
[pid  5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5859] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5859] close(3)                    = 0
[pid  5859] close(4)                    = 0
[pid  5859] mkdir("./file7", 0777)      = 0
[pid  5859] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5859] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[   99.289484][ T5859] loop0: detected capacity change from 0 to 32768
[pid  5859] chdir("./file7")            = 0
[pid  5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5859] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5858] <... futex resumed>)        = 0
[pid  5859] mkdir(".", 0777 <unfinished ...>
[pid  5858] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5859] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5858] <... futex resumed>)        = 0
[pid  5859] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5858] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5858] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5858] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5858] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5858] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5860 attached
 <unfinished ...>
[pid  5860] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5858] <... clone3 resumed> => {parent_tid=[5860]}, 88) = 5860
[pid  5860] <... rseq resumed>)         = 0
[pid  5858] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5860] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5858] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5860] <... set_robust_list resumed>) = 0
[pid  5858] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5860] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5858] <... futex resumed>)        = 0
[pid  5860] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5858] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5860] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5859] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5860] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5859] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5860] <... futex resumed>)        = 1
[pid  5859] <... futex resumed>)        = 0
[pid  5858] <... futex resumed>)        = 0
[pid  5860] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5859] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5858] exit_group(0 <unfinished ...>
[pid  5860] <... futex resumed>)        = ?
[pid  5859] <... futex resumed>)        = ?
[pid  5858] <... exit_group resumed>)   = ?
[pid  5860] +++ exited with 0 +++
[pid  5859] +++ exited with 0 +++
[pid  5858] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5858, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[   99.383626][ T5859] syz-executor359: attempt to access beyond end of device
[   99.383626][ T5859] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[   99.397541][ T5859] lbmIODone: I/O error in JFS log
[   99.402608][ T5859] *** Log Format Error ! ***
[   99.408561][ T5859] lmLogInit: exit(-22)
[   99.413296][ T5859] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs")                  = 0
umount2("./9/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./9/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./9/file7")                      = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./9")                            = 0
mkdir("./10", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5861 attached
, child_tidptr=0x555561d54690) = 5861
[pid  5861] set_robust_list(0x555561d546a0, 24) = 0
[pid  5861] chdir("./10")               = 0
[pid  5861] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5861] setpgid(0, 0)               = 0
[pid  5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5861] write(3, "1000", 4)         = 4
[pid  5861] close(3)                    = 0
[pid  5861] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5861] write(1, "executing program\n", 18) = 18
[pid  5861] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5861] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5861] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5861] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5861] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5861] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5861] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5862 attached
 <unfinished ...>
[pid  5862] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5861] <... clone3 resumed> => {parent_tid=[5862]}, 88) = 5862
[pid  5862] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5861] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5862] <... set_robust_list resumed>) = 0
[pid  5861] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5862] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5861] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5862] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5861] <... futex resumed>)        = 0
[pid  5862] mkdir(NULL, 000 <unfinished ...>
[pid  5861] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5862] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5862] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5861] <... futex resumed>)        = 0
[pid  5862] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5861] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5862] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5861] <... futex resumed>)        = 0
[pid  5862] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5861] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5862] <... memfd_create resumed>) = 3
[pid  5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5862] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5862] munmap(0x7f4339800000, 138412032) = 0
[pid  5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5862] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5862] close(3)                    = 0
[pid  5862] close(4)                    = 0
[pid  5862] mkdir("./file7", 0777)      = 0
[pid  5862] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5862] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5862] chdir("./file7")            = 0
[pid  5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5862] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[pid  5862] <... futex resumed>)        = 1
[pid  5861] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5862] mkdir(".", 0777 <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[pid  5862] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5861] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5862] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[  100.197209][ T5862] loop0: detected capacity change from 0 to 32768
[pid  5861] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5861] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5861] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5862] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5861] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} <unfinished ...>
[pid  5862] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5862] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5863 attached
 <unfinished ...>
[pid  5863] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5861] <... clone3 resumed> => {parent_tid=[5863]}, 88) = 5863
[pid  5863] <... rseq resumed>)         = 0
[pid  5861] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5863] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5861] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5863] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5861] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5863] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5861] <... futex resumed>)        = 0
[pid  5863] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5861] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5863] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5863] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[pid  5863] <... futex resumed>)        = 1
[pid  5861] exit_group(0 <unfinished ...>
[pid  5862] <... futex resumed>)        = ?
[pid  5861] <... exit_group resumed>)   = ?
[pid  5863] +++ exited with 0 +++
[pid  5862] +++ exited with 0 +++
[pid  5861] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  100.254828][ T5862] syz-executor359: attempt to access beyond end of device
[  100.254828][ T5862] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  100.269699][ T5862] lbmIODone: I/O error in JFS log
[  100.274815][ T5862] *** Log Format Error ! ***
[  100.280623][ T5862] lmLogInit: exit(-22)
[  100.284761][ T5862] lmLogOpen: exit(-22)
umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs")                 = 0
umount2("./10/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./10/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./10/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./10")                           = 0
mkdir("./11", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5864 attached
, child_tidptr=0x555561d54690) = 5864
[pid  5864] set_robust_list(0x555561d546a0, 24) = 0
[pid  5864] chdir("./11")               = 0
[pid  5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5864] setpgid(0, 0)               = 0
[pid  5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5864] write(3, "1000", 4)         = 4
[pid  5864] close(3)                    = 0
[pid  5864] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5864] write(1, "executing program\n", 18) = 18
[pid  5864] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5864] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5864] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5864] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5865 attached
 => {parent_tid=[5865]}, 88) = 5865
[pid  5864] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5865] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5864] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5865] <... rseq resumed>)         = 0
[pid  5864] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5865] <... set_robust_list resumed>) = 0
[pid  5865] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5864] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5865] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5865] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5865] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5865] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5864] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5865] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5864] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5864] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5865] <... memfd_create resumed>) = 3
[pid  5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5865] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5865] munmap(0x7f4339800000, 138412032) = 0
[pid  5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5865] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5865] close(3)                    = 0
[pid  5865] close(4)                    = 0
[pid  5865] mkdir("./file7", 0777)      = 0
[pid  5865] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5865] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5865] chdir("./file7")            = 0
[pid  5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5865] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5864] <... futex resumed>)        = 0
[pid  5865] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5864] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5865] mkdir(".", 0777 <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5865] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5864] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[  101.081061][ T5865] loop0: detected capacity change from 0 to 32768
[pid  5864] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5866 attached
 <unfinished ...>
[pid  5866] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5864] <... clone3 resumed> => {parent_tid=[5866]}, 88) = 5866
[pid  5866] <... rseq resumed>)         = 0
[pid  5864] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5866] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5864] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5866] <... set_robust_list resumed>) = 0
[pid  5866] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5864] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5866] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5864] <... futex resumed>)        = 0
[pid  5866] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5864] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5866] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5866] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5864] <... futex resumed>)        = 0
[pid  5866] <... futex resumed>)        = 1
[pid  5865] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5866] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5865] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5864] exit_group(0 <unfinished ...>
[pid  5866] <... futex resumed>)        = ?
[pid  5865] <... futex resumed>)        = ?
[pid  5864] <... exit_group resumed>)   = ?
[pid  5866] +++ exited with 0 +++
[pid  5865] +++ exited with 0 +++
[pid  5864] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  101.139240][ T5865] syz-executor359: attempt to access beyond end of device
[  101.139240][ T5865] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  101.153748][ T5865] lbmIODone: I/O error in JFS log
[  101.159599][ T5865] *** Log Format Error ! ***
[  101.165107][ T5865] lmLogInit: exit(-22)
[  101.169300][ T5865] lmLogOpen: exit(-22)
umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs")                 = 0
umount2("./11/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./11/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./11/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./11")                           = 0
mkdir("./12", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5867 attached
, child_tidptr=0x555561d54690) = 5867
[pid  5867] set_robust_list(0x555561d546a0, 24) = 0
[pid  5867] chdir("./12")               = 0
[pid  5867] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5867] setpgid(0, 0)               = 0
[pid  5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5867] write(3, "1000", 4)         = 4
[pid  5867] close(3)                    = 0
[pid  5867] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5867] write(1, "executing program\n", 18) = 18
[pid  5867] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5867] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5867] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5867] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5867] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5867] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5867] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5868 attached
 <unfinished ...>
[pid  5868] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5868] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5867] <... clone3 resumed> => {parent_tid=[5868]}, 88) = 5868
[pid  5868] <... set_robust_list resumed>) = 0
[pid  5867] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5868] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5867] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5868] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5867] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5868] mkdir(NULL, 000 <unfinished ...>
[pid  5867] <... futex resumed>)        = 0
[pid  5868] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5867] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5868] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5867] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5868] <... futex resumed>)        = 0
[pid  5867] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5868] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5867] <... futex resumed>)        = 0
[pid  5867] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5868] <... memfd_create resumed>) = 3
[pid  5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5868] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5868] munmap(0x7f4339800000, 138412032) = 0
[pid  5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5868] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5868] close(3)                    = 0
[pid  5868] close(4)                    = 0
[pid  5868] mkdir("./file7", 0777)      = 0
[pid  5868] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5868] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5868] chdir("./file7")            = 0
[pid  5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5868] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5867] <... futex resumed>)        = 0
[pid  5868] mkdir(".", 0777 <unfinished ...>
[pid  5867] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5868] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5867] <... futex resumed>)        = 0
[pid  5867] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5868] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5867] <... futex resumed>)        = 0
[  101.966838][ T5868] loop0: detected capacity change from 0 to 32768
[pid  5867] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5867] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5867] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5867] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5869 attached
 => {parent_tid=[5869]}, 88) = 5869
[pid  5869] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5868] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5868] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5869] <... rseq resumed>)         = 0
[pid  5868] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5867] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5869] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5867] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5869] <... set_robust_list resumed>) = 0
[pid  5867] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5869] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5867] <... futex resumed>)        = 0
[pid  5869] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5867] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5869] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5869] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5867] <... futex resumed>)        = 0
[pid  5869] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5867] exit_group(0 <unfinished ...>
[pid  5869] <... futex resumed>)        = ?
[pid  5869] +++ exited with 0 +++
[pid  5867] <... exit_group resumed>)   = ?
[pid  5868] <... futex resumed>)        = ?
[pid  5868] +++ exited with 0 +++
[pid  5867] +++ exited with 0 +++
[  102.028333][ T5868] syz-executor359: attempt to access beyond end of device
[  102.028333][ T5868] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  102.041881][ T5868] lbmIODone: I/O error in JFS log
[  102.049050][ T5868] *** Log Format Error ! ***
[  102.054534][ T5868] lmLogInit: exit(-22)
[  102.059264][ T5868] lmLogOpen: exit(-22)
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs")                 = 0
umount2("./12/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./12/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./12/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./12")                           = 0
mkdir("./13", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5870 attached
, child_tidptr=0x555561d54690) = 5870
[pid  5870] set_robust_list(0x555561d546a0, 24) = 0
[pid  5870] chdir("./13")               = 0
[pid  5870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5870] setpgid(0, 0)               = 0
[pid  5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5870] write(3, "1000", 4)         = 4
[pid  5870] close(3)                    = 0
[pid  5870] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5870] write(1, "executing program\n", 18) = 18
[pid  5870] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5870] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5870] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5870] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5870] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5871 attached
 <unfinished ...>
[pid  5871] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5871] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5870] <... clone3 resumed> => {parent_tid=[5871]}, 88) = 5871
[pid  5871] <... set_robust_list resumed>) = 0
[pid  5870] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5871] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5870] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5871] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5871] mkdir(NULL, 000 <unfinished ...>
[pid  5870] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5871] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5870] <... futex resumed>)        = 0
[pid  5871] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5870] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5871] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5870] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5870] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5871] <... futex resumed>)        = 0
[pid  5870] <... futex resumed>)        = 1
[pid  5871] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5870] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5871] <... memfd_create resumed>) = 3
[pid  5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5871] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5871] munmap(0x7f4339800000, 138412032) = 0
[pid  5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5871] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5871] close(3)                    = 0
[pid  5871] close(4)                    = 0
[pid  5871] mkdir("./file7", 0777)      = 0
[  102.914969][ T5871] loop0: detected capacity change from 0 to 32768
[pid  5871] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5871] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5871] chdir("./file7")            = 0
[pid  5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5871] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5871] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5870] <... futex resumed>)        = 0
[pid  5870] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5871] <... futex resumed>)        = 0
[pid  5871] mkdir(".", 0777 <unfinished ...>
[pid  5870] <... futex resumed>)        = 1
[pid  5871] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5870] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5871] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5870] <... futex resumed>)        = 0
[pid  5870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5870] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5870] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5872 attached
 <unfinished ...>
[pid  5872] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5870] <... clone3 resumed> => {parent_tid=[5872]}, 88) = 5872
[pid  5872] <... rseq resumed>)         = 0
[pid  5870] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5872] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5870] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5872] <... set_robust_list resumed>) = 0
[pid  5870] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5872] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5870] <... futex resumed>)        = 0
[pid  5872] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5870] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5872] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5871] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5872] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5871] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5872] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5871] <... futex resumed>)        = 0
[pid  5872] <... futex resumed>)        = 1
[pid  5871] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5872] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5870] <... futex resumed>)        = 0
[pid  5870] exit_group(0 <unfinished ...>
[pid  5871] <... futex resumed>)        = ?
[pid  5870] <... exit_group resumed>)   = ?
[pid  5872] <... futex resumed>)        = ?
[pid  5871] +++ exited with 0 +++
[pid  5872] +++ exited with 0 +++
[pid  5870] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  102.991484][ T5871] syz-executor359: attempt to access beyond end of device
[  102.991484][ T5871] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  103.005078][ T5871] lbmIODone: I/O error in JFS log
[  103.010852][ T5871] *** Log Format Error ! ***
[  103.015990][ T5871] lmLogInit: exit(-22)
[  103.020198][ T5871] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs")                 = 0
umount2("./13/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./13/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./13/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./13")                           = 0
mkdir("./14", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached
, child_tidptr=0x555561d54690) = 5873
[pid  5873] set_robust_list(0x555561d546a0, 24) = 0
[pid  5873] chdir("./14")               = 0
[pid  5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5873] setpgid(0, 0)               = 0
[pid  5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5873] write(3, "1000", 4)         = 4
[pid  5873] close(3)                    = 0
[pid  5873] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5873] write(1, "executing program\n", 18) = 18
[pid  5873] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5873] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5873] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5873] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5873] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5873] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5873] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5874 attached
 <unfinished ...>
[pid  5874] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5873] <... clone3 resumed> => {parent_tid=[5874]}, 88) = 5874
[pid  5874] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5873] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5874] <... set_robust_list resumed>) = 0
[pid  5873] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5874] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5873] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5874] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5873] <... futex resumed>)        = 0
[pid  5874] mkdir(NULL, 000 <unfinished ...>
[pid  5873] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5874] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5874] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5874] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5873] <... futex resumed>)        = 0
[pid  5874] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5873] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5874] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5873] <... futex resumed>)        = 0
[pid  5873] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5874] <... memfd_create resumed>) = 3
[pid  5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5874] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5874] munmap(0x7f4339800000, 138412032) = 0
[pid  5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5874] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5874] close(3)                    = 0
[pid  5874] close(4)                    = 0
[pid  5874] mkdir("./file7", 0777)      = 0
[pid  5874] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[  103.856292][ T5874] loop0: detected capacity change from 0 to 32768
[pid  5874] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5874] chdir("./file7")            = 0
[pid  5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5874] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5873] <... futex resumed>)        = 0
[pid  5873] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5874] <... futex resumed>)        = 1
[pid  5873] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5874] mkdir(".", 0777 <unfinished ...>
[pid  5873] <... futex resumed>)        = 0
[pid  5874] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5873] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5874] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5873] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5873] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5874] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5873] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} <unfinished ...>
[pid  5874] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5875 attached
) = 0
[pid  5874] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5873] <... clone3 resumed> => {parent_tid=[5875]}, 88) = 5875
[pid  5875] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5873] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5875] <... rseq resumed>)         = 0
[pid  5875] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5873] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5875] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5873] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5875] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5873] <... futex resumed>)        = 0
[pid  5875] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5873] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5875] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5875] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5873] <... futex resumed>)        = 0
[pid  5875] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5873] exit_group(0 <unfinished ...>
[pid  5875] <... futex resumed>)        = ?
[pid  5874] <... futex resumed>)        = ?
[pid  5875] +++ exited with 0 +++
[pid  5873] <... exit_group resumed>)   = ?
[pid  5874] +++ exited with 0 +++
[pid  5873] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  103.944083][ T5874] syz-executor359: attempt to access beyond end of device
[  103.944083][ T5874] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  103.958107][ T5874] lbmIODone: I/O error in JFS log
[  103.963198][ T5874] *** Log Format Error ! ***
[  103.969247][ T5874] lmLogInit: exit(-22)
[  103.973555][ T5874] lmLogOpen: exit(-22)
umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs")                 = 0
umount2("./14/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./14/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./14/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./14")                           = 0
mkdir("./15", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached
, child_tidptr=0x555561d54690) = 5876
[pid  5876] set_robust_list(0x555561d546a0, 24) = 0
[pid  5876] chdir("./15")               = 0
[pid  5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5876] setpgid(0, 0)               = 0
[pid  5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5876] write(3, "1000", 4)         = 4
[pid  5876] close(3)                    = 0
[pid  5876] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5876] write(1, "executing program\n", 18) = 18
[pid  5876] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5876] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5876] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5876] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5877 attached
 <unfinished ...>
[pid  5877] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5876] <... clone3 resumed> => {parent_tid=[5877]}, 88) = 5877
[pid  5877] <... rseq resumed>)         = 0
[pid  5876] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5877] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5876] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5877] <... set_robust_list resumed>) = 0
[pid  5876] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5876] <... futex resumed>)        = 0
[pid  5877] mkdir(NULL, 000 <unfinished ...>
[pid  5876] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5877] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5877] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5876] <... futex resumed>)        = 0
[pid  5877] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5876] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5876] <... futex resumed>)        = 0
[pid  5877] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5876] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5877] <... memfd_create resumed>) = 3
[pid  5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5877] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5877] munmap(0x7f4339800000, 138412032) = 0
[pid  5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5877] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5877] close(3)                    = 0
[pid  5877] close(4)                    = 0
[pid  5877] mkdir("./file7", 0777)      = 0
[pid  5877] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5877] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5877] chdir("./file7")            = 0
[  104.733827][ T5877] loop0: detected capacity change from 0 to 32768
[pid  5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5877] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5876] <... futex resumed>)        = 0
[pid  5877] mkdir(".", 0777 <unfinished ...>
[pid  5876] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5876] <... futex resumed>)        = 0
[pid  5877] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5876] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5876] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5878 attached
 <unfinished ...>
[pid  5878] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5877] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5878] <... rseq resumed>)         = 0
[pid  5877] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5876] <... clone3 resumed> => {parent_tid=[5878]}, 88) = 5878
[pid  5878] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5876] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5877] <... futex resumed>)        = 0
[pid  5877] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5878] <... set_robust_list resumed>) = 0
[pid  5878] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5876] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5878] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5878] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5876] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5876] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5878] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5878] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[  104.802227][ T5877] syz-executor359: attempt to access beyond end of device
[  104.802227][ T5877] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  104.816066][ T5877] lbmIODone: I/O error in JFS log
[  104.822425][ T5877] *** Log Format Error ! ***
[  104.827774][ T5877] lmLogInit: exit(-22)
[  104.831912][ T5877] lmLogOpen: exit(-22)
[pid  5878] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5876] exit_group(0 <unfinished ...>
[pid  5878] <... futex resumed>)        = ?
[pid  5877] <... futex resumed>)        = ?
[pid  5876] <... exit_group resumed>)   = ?
[pid  5878] +++ exited with 0 +++
[pid  5877] +++ exited with 0 +++
[pid  5876] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs")                 = 0
umount2("./15/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./15/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./15/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./15")                           = 0
mkdir("./16", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5879 attached
, child_tidptr=0x555561d54690) = 5879
[pid  5879] set_robust_list(0x555561d546a0, 24) = 0
[pid  5879] chdir("./16")               = 0
[pid  5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5879] setpgid(0, 0)               = 0
[pid  5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5879] write(3, "1000", 4)         = 4
[pid  5879] close(3)                    = 0
[pid  5879] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5879] write(1, "executing program\n", 18) = 18
[pid  5879] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5879] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5879] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5879] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5879] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5879] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5879] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5880 attached
 <unfinished ...>
[pid  5880] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5879] <... clone3 resumed> => {parent_tid=[5880]}, 88) = 5880
[pid  5880] <... rseq resumed>)         = 0
[pid  5880] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5879] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5880] <... set_robust_list resumed>) = 0
[pid  5879] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5880] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5879] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5880] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5879] <... futex resumed>)        = 0
[pid  5880] mkdir(NULL, 000 <unfinished ...>
[pid  5879] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5880] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5880] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5880] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5879] <... futex resumed>)        = 0
[pid  5879] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5880] <... futex resumed>)        = 0
[pid  5879] <... futex resumed>)        = 1
[pid  5880] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5879] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5880] <... memfd_create resumed>) = 3
[pid  5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5880] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5880] munmap(0x7f4339800000, 138412032) = 0
[pid  5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5880] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5880] close(3)                    = 0
[pid  5880] close(4)                    = 0
[pid  5880] mkdir("./file7", 0777)      = 0
[pid  5880] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5880] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[  105.662652][ T5880] loop0: detected capacity change from 0 to 32768
[pid  5880] chdir("./file7")            = 0
[pid  5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5880] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5879] <... futex resumed>)        = 0
[pid  5880] mkdir(".", 0777 <unfinished ...>
[pid  5879] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5880] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5879] <... futex resumed>)        = 0
[pid  5879] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5880] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5879] <... futex resumed>)        = 0
[pid  5879] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5879] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5879] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5879] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5881 attached
 => {parent_tid=[5881]}, 88) = 5881
[pid  5881] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5879] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5881] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5879] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5881] <... set_robust_list resumed>) = 0
[pid  5879] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5881] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5879] <... futex resumed>)        = 0
[pid  5881] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5881] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5879] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5881] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5881] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5879] <... futex resumed>)        = 0
[pid  5881] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5880] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5880] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5880] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5879] exit_group(0 <unfinished ...>
[pid  5881] <... futex resumed>)        = ?
[pid  5880] <... futex resumed>)        = ?
[pid  5881] +++ exited with 0 +++
[pid  5880] +++ exited with 0 +++
[pid  5879] <... exit_group resumed>)   = ?
[pid  5879] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  105.749566][ T5880] syz-executor359: attempt to access beyond end of device
[  105.749566][ T5880] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  105.763068][ T5880] lbmIODone: I/O error in JFS log
[  105.768367][ T5880] *** Log Format Error ! ***
[  105.773298][ T5880] lmLogInit: exit(-22)
[  105.777472][ T5880] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs")                 = 0
umount2("./16/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./16/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./16/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./16")                           = 0
mkdir("./17", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5882 attached
, child_tidptr=0x555561d54690) = 5882
[pid  5882] set_robust_list(0x555561d546a0, 24) = 0
[pid  5882] chdir("./17")               = 0
[pid  5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5882] setpgid(0, 0)               = 0
[pid  5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5882] write(3, "1000", 4)         = 4
[pid  5882] close(3)                    = 0
[pid  5882] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5882] write(1, "executing program\n", 18) = 18
[pid  5882] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5882] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5882] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5882] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5882] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5882] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5882] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5883 attached
 <unfinished ...>
[pid  5883] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5883] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5882] <... clone3 resumed> => {parent_tid=[5883]}, 88) = 5883
[pid  5883] <... set_robust_list resumed>) = 0
[pid  5883] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5882] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5883] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5882] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5883] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5882] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5883] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5883] mkdir(NULL, 000 <unfinished ...>
[pid  5882] <... futex resumed>)        = 0
[pid  5883] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5882] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5883] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5882] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5883] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5882] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5883] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5882] <... futex resumed>)        = 0
[pid  5883] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5882] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5883] <... memfd_create resumed>) = 3
[pid  5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5883] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5883] munmap(0x7f4339800000, 138412032) = 0
[pid  5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5883] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5883] close(3)                    = 0
[pid  5883] close(4)                    = 0
[pid  5883] mkdir("./file7", 0777)      = 0
[pid  5883] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5883] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5883] chdir("./file7")            = 0
[pid  5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5883] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5882] <... futex resumed>)        = 0
[pid  5883] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5882] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5882] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5882] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5883] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5882] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5883] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5882] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5883] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5882] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5882] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5884 attached
 <unfinished ...>
[pid  5884] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[  106.525739][ T5883] loop0: detected capacity change from 0 to 32768
[pid  5882] <... clone3 resumed> => {parent_tid=[5884]}, 88) = 5884
[pid  5884] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5884] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5882] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5884] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5884] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5882] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5882] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5884] <... futex resumed>)        = 0
[pid  5884] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5882] <... futex resumed>)        = 1
[pid  5882] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5884] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5884] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5882] <... futex resumed>)        = 0
[pid  5884] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5883] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5883] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5883] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5882] exit_group(0 <unfinished ...>
[pid  5883] <... futex resumed>)        = ?
[pid  5884] <... futex resumed>)        = ?
[pid  5883] +++ exited with 0 +++
[pid  5882] <... exit_group resumed>)   = ?
[pid  5884] +++ exited with 0 +++
[pid  5882] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  106.571239][ T5883] syz-executor359: attempt to access beyond end of device
[  106.571239][ T5883] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  106.585027][ T5883] lbmIODone: I/O error in JFS log
[  106.591913][ T5883] *** Log Format Error ! ***
[  106.597900][ T5883] lmLogInit: exit(-22)
[  106.602119][ T5883] lmLogOpen: exit(-22)
umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs")                 = 0
umount2("./17/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./17/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./17/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./17")                           = 0
mkdir("./18", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5885 attached
, child_tidptr=0x555561d54690) = 5885
[pid  5885] set_robust_list(0x555561d546a0, 24) = 0
[pid  5885] chdir("./18")               = 0
[pid  5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5885] setpgid(0, 0)               = 0
[pid  5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5885] write(3, "1000", 4)         = 4
[pid  5885] close(3)                    = 0
[pid  5885] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5885] write(1, "executing program\n", 18executing program
) = 18
[pid  5885] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5885] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5885] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5885] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5885] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5885] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5885] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5886 attached
 <unfinished ...>
[pid  5886] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5886] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5885] <... clone3 resumed> => {parent_tid=[5886]}, 88) = 5886
[pid  5886] <... set_robust_list resumed>) = 0
[pid  5885] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5886] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5885] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5886] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5885] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5886] mkdir(NULL, 000 <unfinished ...>
[pid  5885] <... futex resumed>)        = 0
[pid  5886] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5885] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5886] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5885] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5886] <... futex resumed>)        = 0
[pid  5885] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5886] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5885] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5886] <... memfd_create resumed>) = 3
[pid  5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5886] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5886] munmap(0x7f4339800000, 138412032) = 0
[pid  5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5886] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5886] close(3)                    = 0
[pid  5886] close(4)                    = 0
[pid  5886] mkdir("./file7", 0777)      = 0
[pid  5886] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5886] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5886] chdir("./file7")            = 0
[pid  5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5886] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5885] <... futex resumed>)        = 0
[pid  5886] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5885] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5886] mkdir(".", 0777 <unfinished ...>
[pid  5885] <... futex resumed>)        = 0
[pid  5886] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5885] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5886] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5885] <... futex resumed>)        = 0
[pid  5885] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5885] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[  107.268699][ T5886] loop0: detected capacity change from 0 to 32768
[pid  5885] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5885] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} => {parent_tid=[5887]}, 88) = 5887
./strace-static-x86_64: Process 5887 attached
[pid  5885] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5887] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5885] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5887] <... rseq resumed>)         = 0
[pid  5887] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5885] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5887] <... set_robust_list resumed>) = 0
[pid  5887] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5885] <... futex resumed>)        = 0
[pid  5887] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5885] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5887] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5887] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5885] <... futex resumed>)        = 0
[pid  5887] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5886] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5886] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5886] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5885] exit_group(0 <unfinished ...>
[pid  5886] <... futex resumed>)        = ?
[pid  5887] <... futex resumed>)        = ?
[pid  5885] <... exit_group resumed>)   = ?
[pid  5887] +++ exited with 0 +++
[pid  5886] +++ exited with 0 +++
[pid  5885] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  107.318099][ T5886] syz-executor359: attempt to access beyond end of device
[  107.318099][ T5886] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  107.331620][ T5886] lbmIODone: I/O error in JFS log
[  107.337270][ T5886] *** Log Format Error ! ***
[  107.342331][ T5886] lmLogInit: exit(-22)
[  107.346741][ T5886] lmLogOpen: exit(-22)
umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs")                 = 0
umount2("./18/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./18/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./18/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./18")                           = 0
mkdir("./19", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5888 attached
, child_tidptr=0x555561d54690) = 5888
[pid  5888] set_robust_list(0x555561d546a0, 24) = 0
[pid  5888] chdir("./19")               = 0
[pid  5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5888] setpgid(0, 0)               = 0
[pid  5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5888] write(3, "1000", 4)         = 4
[pid  5888] close(3)                    = 0
[pid  5888] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5888] write(1, "executing program\n", 18) = 18
[pid  5888] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5888] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5888] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5888] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5888] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5888] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5889 attached
 <unfinished ...>
[pid  5889] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5888] <... clone3 resumed> => {parent_tid=[5889]}, 88) = 5889
[pid  5889] <... rseq resumed>)         = 0
[pid  5889] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5888] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5889] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5888] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5889] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5888] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5889] mkdir(NULL, 000 <unfinished ...>
[pid  5888] <... futex resumed>)        = 0
[pid  5889] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5888] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5889] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5888] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5889] <... futex resumed>)        = 0
[pid  5888] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5889] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5888] <... futex resumed>)        = 0
[pid  5888] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5889] <... memfd_create resumed>) = 3
[pid  5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5889] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5889] munmap(0x7f4339800000, 138412032) = 0
[pid  5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5889] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5889] close(3)                    = 0
[pid  5889] close(4)                    = 0
[pid  5889] mkdir("./file7", 0777)      = 0
[pid  5889] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[  108.104580][ T5889] loop0: detected capacity change from 0 to 32768
[pid  5889] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5889] chdir("./file7")            = 0
[pid  5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5889] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5888] <... futex resumed>)        = 0
[pid  5888] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5889] mkdir(".", 0777 <unfinished ...>
[pid  5888] <... futex resumed>)        = 0
[pid  5888] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5889] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5888] <... futex resumed>)        = 0
[pid  5888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5889] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5888] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5888] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5888] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5888] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5890 attached
 <unfinished ...>
[pid  5890] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5888] <... clone3 resumed> => {parent_tid=[5890]}, 88) = 5890
[pid  5888] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5890] <... rseq resumed>)         = 0
[pid  5888] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5890] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5888] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5890] <... set_robust_list resumed>) = 0
[pid  5890] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5888] <... futex resumed>)        = 0
[pid  5890] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5890] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5888] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5890] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5890] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5888] <... futex resumed>)        = 0
[pid  5890] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5889] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5889] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5889] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5888] exit_group(0 <unfinished ...>
[pid  5890] <... futex resumed>)        = ?
[pid  5888] <... exit_group resumed>)   = ?
[pid  5890] +++ exited with 0 +++
[pid  5889] <... futex resumed>)        = ?
[pid  5889] +++ exited with 0 +++
[pid  5888] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  108.202617][ T5889] syz-executor359: attempt to access beyond end of device
[  108.202617][ T5889] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  108.216173][ T5889] lbmIODone: I/O error in JFS log
[  108.221784][ T5889] *** Log Format Error ! ***
[  108.226947][ T5889] lmLogInit: exit(-22)
[  108.231234][ T5889] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs")                 = 0
umount2("./19/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./19/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./19/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./19")                           = 0
mkdir("./20", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5891 attached
, child_tidptr=0x555561d54690) = 5891
[pid  5891] set_robust_list(0x555561d546a0, 24) = 0
[pid  5891] chdir("./20")               = 0
[pid  5891] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5891] setpgid(0, 0)               = 0
[pid  5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5891] write(3, "1000", 4)         = 4
[pid  5891] close(3)                    = 0
[pid  5891] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5891] write(1, "executing program\n", 18) = 18
[pid  5891] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5891] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5891] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5891] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5891] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5891] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5891] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5892 attached
 <unfinished ...>
[pid  5892] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5891] <... clone3 resumed> => {parent_tid=[5892]}, 88) = 5892
[pid  5892] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5891] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5892] <... set_robust_list resumed>) = 0
[pid  5891] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5892] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5891] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5892] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5891] <... futex resumed>)        = 0
[pid  5892] mkdir(NULL, 000 <unfinished ...>
[pid  5891] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5892] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5892] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5891] <... futex resumed>)        = 0
[pid  5892] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5891] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5892] <... memfd_create resumed>) = 3
[pid  5891] <... futex resumed>)        = 0
[pid  5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid  5891] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5892] <... mmap resumed>)         = 0x7f4339800000
[pid  5892] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5892] munmap(0x7f4339800000, 138412032) = 0
[pid  5892] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5892] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5892] close(3)                    = 0
[pid  5892] close(4)                    = 0
[pid  5892] mkdir("./file7", 0777)      = 0
[pid  5892] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5892] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5892] chdir("./file7")            = 0
[  108.998436][ T5892] loop0: detected capacity change from 0 to 32768
[pid  5892] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5892] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5891] <... futex resumed>)        = 0
[pid  5892] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5891] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5892] <... futex resumed>)        = 0
[pid  5891] <... futex resumed>)        = 1
[pid  5892] mkdir(".", 0777 <unfinished ...>
[pid  5891] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5892] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5891] <... futex resumed>)        = 0
[pid  5891] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5892] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5891] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5891] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5891] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5891] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5893 attached
 <unfinished ...>
[pid  5893] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5891] <... clone3 resumed> => {parent_tid=[5893]}, 88) = 5893
[pid  5893] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5891] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5893] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5891] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5893] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5891] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5893] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5891] <... futex resumed>)        = 0
[pid  5891] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5893] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5893] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5891] <... futex resumed>)        = 0
[pid  5893] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5892] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5892] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5892] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5891] exit_group(0 <unfinished ...>
[pid  5892] <... futex resumed>)        = ?
[pid  5891] <... exit_group resumed>)   = ?
[pid  5893] <... futex resumed>)        = ?
[pid  5892] +++ exited with 0 +++
[pid  5893] +++ exited with 0 +++
[pid  5891] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  109.075809][ T5892] syz-executor359: attempt to access beyond end of device
[  109.075809][ T5892] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  109.089726][ T5892] lbmIODone: I/O error in JFS log
[  109.094792][ T5892] *** Log Format Error ! ***
[  109.099886][ T5892] lmLogInit: exit(-22)
[  109.104002][ T5892] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs")                 = 0
umount2("./20/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./20/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./20/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./20")                           = 0
mkdir("./21", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5894 attached
, child_tidptr=0x555561d54690) = 5894
[pid  5894] set_robust_list(0x555561d546a0, 24) = 0
[pid  5894] chdir("./21")               = 0
[pid  5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5894] setpgid(0, 0)               = 0
[pid  5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5894] write(3, "1000", 4)         = 4
[pid  5894] close(3)                    = 0
[pid  5894] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5894] write(1, "executing program\n", 18) = 18
[pid  5894] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5894] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5894] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5894] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5894] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5894] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5894] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5895 attached
 <unfinished ...>
[pid  5895] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5894] <... clone3 resumed> => {parent_tid=[5895]}, 88) = 5895
[pid  5895] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5894] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5895] <... set_robust_list resumed>) = 0
[pid  5894] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5895] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5894] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5895] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5895] mkdir(NULL, 000 <unfinished ...>
[pid  5894] <... futex resumed>)        = 0
[pid  5895] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5894] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5895] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5894] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5895] <... futex resumed>)        = 0
[pid  5894] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5895] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5894] <... futex resumed>)        = 0
[pid  5895] <... memfd_create resumed>) = 3
[pid  5894] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5895] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5895] munmap(0x7f4339800000, 138412032) = 0
[pid  5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5895] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5895] close(3)                    = 0
[pid  5895] close(4)                    = 0
[pid  5895] mkdir("./file7", 0777)      = 0
[pid  5895] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5895] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5895] chdir("./file7")            = 0
[  109.702852][ T5895] loop0: detected capacity change from 0 to 32768
[pid  5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5895] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5894] <... futex resumed>)        = 0
[pid  5895] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5894] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5895] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5894] <... futex resumed>)        = 0
[pid  5895] mkdir(".", 0777 <unfinished ...>
[pid  5894] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5895] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5894] <... futex resumed>)        = 0
[pid  5895] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5894] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5894] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5894] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5894] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5896 attached
 <unfinished ...>
[pid  5896] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5894] <... clone3 resumed> => {parent_tid=[5896]}, 88) = 5896
[pid  5896] <... rseq resumed>)         = 0
[pid  5896] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5894] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5896] <... set_robust_list resumed>) = 0
[pid  5894] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5894] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5896] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5894] <... futex resumed>)        = 0
[pid  5896] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5894] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5896] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5896] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5894] <... futex resumed>)        = 0
[pid  5896] <... futex resumed>)        = 1
[pid  5896] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5895] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5895] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5895] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5894] exit_group(0 <unfinished ...>
[pid  5896] <... futex resumed>)        = ?
[pid  5895] <... futex resumed>)        = ?
[pid  5894] <... exit_group resumed>)   = ?
[pid  5896] +++ exited with 0 +++
[pid  5895] +++ exited with 0 +++
[pid  5894] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  109.781037][ T5895] syz-executor359: attempt to access beyond end of device
[  109.781037][ T5895] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  109.795130][ T5895] lbmIODone: I/O error in JFS log
[  109.800647][ T5895] *** Log Format Error ! ***
[  109.806831][ T5895] lmLogInit: exit(-22)
[  109.810996][ T5895] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs")                 = 0
umount2("./21/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./21/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./21/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./21")                           = 0
mkdir("./22", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5897 attached
, child_tidptr=0x555561d54690) = 5897
[pid  5897] set_robust_list(0x555561d546a0, 24) = 0
[pid  5897] chdir("./22")               = 0
[pid  5897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5897] setpgid(0, 0)               = 0
[pid  5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5897] write(3, "1000", 4)         = 4
[pid  5897] close(3)                    = 0
[pid  5897] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5897] write(1, "executing program\n", 18executing program
) = 18
[pid  5897] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5897] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5897] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5897] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5898 attached
 <unfinished ...>
[pid  5898] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5897] <... clone3 resumed> => {parent_tid=[5898]}, 88) = 5898
[pid  5898] <... rseq resumed>)         = 0
[pid  5898] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5897] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5898] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5897] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5898] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5897] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5898] mkdir(NULL, 000 <unfinished ...>
[pid  5897] <... futex resumed>)        = 0
[pid  5898] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5897] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5898] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5897] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5898] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5897] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5898] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5897] <... futex resumed>)        = 0
[pid  5898] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5897] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5898] <... memfd_create resumed>) = 3
[pid  5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5898] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5898] munmap(0x7f4339800000, 138412032) = 0
[pid  5898] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5898] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5898] close(3)                    = 0
[pid  5898] close(4)                    = 0
[pid  5898] mkdir("./file7", 0777)      = 0
[pid  5898] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5898] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5898] chdir("./file7")            = 0
[pid  5898] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5898] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5897] <... futex resumed>)        = 0
[pid  5898] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5897] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5898] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5897] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5898] mkdir(".", 0777 <unfinished ...>
[pid  5897] <... futex resumed>)        = 0
[pid  5898] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5898] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5897] <... mmap resumed>)         = 0x7f4341d5e000
[  110.580201][ T5898] loop0: detected capacity change from 0 to 32768
[pid  5897] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5899 attached
 <unfinished ...>
[pid  5899] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5897] <... clone3 resumed> => {parent_tid=[5899]}, 88) = 5899
[pid  5899] <... rseq resumed>)         = 0
[pid  5897] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5899] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5897] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5899] <... set_robust_list resumed>) = 0
[pid  5899] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5897] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5899] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5897] <... futex resumed>)        = 0
[pid  5899] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5897] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5899] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5899] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5897] <... futex resumed>)        = 0
[pid  5899] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5898] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5898] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5898] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5897] exit_group(0 <unfinished ...>
[pid  5899] <... futex resumed>)        = ?
[pid  5898] <... futex resumed>)        = ?
[pid  5899] +++ exited with 0 +++
[pid  5897] <... exit_group resumed>)   = ?
[pid  5898] +++ exited with 0 +++
[pid  5897] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=19 /* 0.19 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  110.643332][ T5898] syz-executor359: attempt to access beyond end of device
[  110.643332][ T5898] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  110.657672][ T5898] lbmIODone: I/O error in JFS log
[  110.663009][ T5898] *** Log Format Error ! ***
[  110.669257][ T5898] lmLogInit: exit(-22)
[  110.674024][ T5898] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs")                 = 0
umount2("./22/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./22/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./22/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./22")                           = 0
mkdir("./23", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5900 attached
, child_tidptr=0x555561d54690) = 5900
[pid  5900] set_robust_list(0x555561d546a0, 24) = 0
[pid  5900] chdir("./23")               = 0
[pid  5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5900] setpgid(0, 0)               = 0
[pid  5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5900] write(3, "1000", 4)         = 4
[pid  5900] close(3)                    = 0
[pid  5900] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5900] write(1, "executing program\n", 18) = 18
[pid  5900] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5900] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5900] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5900] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5900] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5900] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5900] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5901 attached
 <unfinished ...>
[pid  5901] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5901] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5900] <... clone3 resumed> => {parent_tid=[5901]}, 88) = 5901
[pid  5901] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5900] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5901] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5900] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5901] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5900] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5901] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5901] mkdir(NULL, 000 <unfinished ...>
[pid  5900] <... futex resumed>)        = 0
[pid  5900] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5901] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5901] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5900] <... futex resumed>)        = 0
[pid  5901] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5900] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5901] <... memfd_create resumed>) = 3
[pid  5900] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5901] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5901] munmap(0x7f4339800000, 138412032) = 0
[pid  5901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5901] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5901] close(3)                    = 0
[pid  5901] close(4)                    = 0
[pid  5901] mkdir("./file7", 0777)      = 0
[pid  5901] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5901] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5901] chdir("./file7")            = 0
[pid  5901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5901] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5900] <... futex resumed>)        = 0
[pid  5901] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5900] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5901] mkdir(".", 0777 <unfinished ...>
[pid  5900] <... futex resumed>)        = 0
[pid  5901] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5900] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5901] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5900] <... futex resumed>)        = 0
[pid  5900] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5900] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5900] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5900] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5902 attached
[  111.451384][ T5901] loop0: detected capacity change from 0 to 32768
 <unfinished ...>
[pid  5902] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5900] <... clone3 resumed> => {parent_tid=[5902]}, 88) = 5902
[pid  5902] <... rseq resumed>)         = 0
[pid  5902] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5900] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5902] <... set_robust_list resumed>) = 0
[pid  5900] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5902] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5900] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5902] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5900] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5902] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5902] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5900] <... futex resumed>)        = 0
[pid  5902] <... futex resumed>)        = 1
[pid  5902] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5901] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5901] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5901] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5900] exit_group(0 <unfinished ...>
[pid  5902] <... futex resumed>)        = ?
[pid  5901] <... futex resumed>)        = ?
[pid  5900] <... exit_group resumed>)   = ?
[pid  5902] +++ exited with 0 +++
[pid  5901] +++ exited with 0 +++
[pid  5900] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=22 /* 0.22 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  111.505554][ T5901] syz-executor359: attempt to access beyond end of device
[  111.505554][ T5901] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  111.519811][ T5901] lbmIODone: I/O error in JFS log
[  111.525191][ T5901] *** Log Format Error ! ***
[  111.530769][ T5901] lmLogInit: exit(-22)
[  111.534886][ T5901] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs")                 = 0
umount2("./23/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./23/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./23/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./23")                           = 0
mkdir("./24", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5903 attached
, child_tidptr=0x555561d54690) = 5903
[pid  5903] set_robust_list(0x555561d546a0, 24) = 0
[pid  5903] chdir("./24")               = 0
[pid  5903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5903] setpgid(0, 0)               = 0
[pid  5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5903] write(3, "1000", 4)         = 4
[pid  5903] close(3)                    = 0
[pid  5903] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5903] write(1, "executing program\n", 18executing program
) = 18
[pid  5903] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5903] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5903] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5903] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5903] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5904 attached
 <unfinished ...>
[pid  5904] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5903] <... clone3 resumed> => {parent_tid=[5904]}, 88) = 5904
[pid  5904] <... rseq resumed>)         = 0
[pid  5903] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5904] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5903] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5904] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5903] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5904] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5903] <... futex resumed>)        = 0
[pid  5904] mkdir(NULL, 000 <unfinished ...>
[pid  5903] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5904] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5904] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5904] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5903] <... futex resumed>)        = 0
[pid  5903] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5904] <... futex resumed>)        = 0
[pid  5903] <... futex resumed>)        = 1
[pid  5903] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5904] memfd_create("syzkaller", 0) = 3
[pid  5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5904] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5904] munmap(0x7f4339800000, 138412032) = 0
[pid  5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5904] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5904] close(3)                    = 0
[pid  5904] close(4)                    = 0
[pid  5904] mkdir("./file7", 0777)      = 0
[pid  5904] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5904] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5904] chdir("./file7")            = 0
[  112.258699][ T5904] loop0: detected capacity change from 0 to 32768
[pid  5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5904] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5903] <... futex resumed>)        = 0
[pid  5903] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5903] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5903] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5904] mkdir(".", 0777 <unfinished ...>
[pid  5903] rt_sigprocmask(SIG_BLOCK, ~[],  <unfinished ...>
[pid  5904] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5903] <... rt_sigprocmask resumed>[], 8) = 0
[pid  5904] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5905 attached
 => {parent_tid=[5905]}, 88) = 5905
[pid  5905] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5903] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5905] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5903] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5905] <... set_robust_list resumed>) = 0
[pid  5905] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5903] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5905] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5905] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5903] <... futex resumed>)        = 0
[pid  5903] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5905] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5905] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5903] <... futex resumed>)        = 0
[pid  5905] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5904] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5904] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5904] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5903] exit_group(0 <unfinished ...>
[pid  5905] <... futex resumed>)        = ?
[pid  5904] <... futex resumed>)        = ?
[pid  5903] <... exit_group resumed>)   = ?
[pid  5905] +++ exited with 0 +++
[pid  5904] +++ exited with 0 +++
[pid  5903] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  112.342902][ T5904] syz-executor359: attempt to access beyond end of device
[  112.342902][ T5904] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  112.357057][ T5904] lbmIODone: I/O error in JFS log
[  112.362217][ T5904] *** Log Format Error ! ***
[  112.367849][ T5904] lmLogInit: exit(-22)
[  112.372623][ T5904] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./24/binderfs")                 = 0
umount2("./24/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./24/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./24/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./24")                           = 0
mkdir("./25", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5906 attached
, child_tidptr=0x555561d54690) = 5906
[pid  5906] set_robust_list(0x555561d546a0, 24) = 0
[pid  5906] chdir("./25")               = 0
[pid  5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5906] setpgid(0, 0)               = 0
[pid  5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5906] write(3, "1000", 4)         = 4
[pid  5906] close(3)                    = 0
[pid  5906] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5906] write(1, "executing program\n", 18) = 18
[pid  5906] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5906] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5906] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5906] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5906] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5906] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5906] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5907 attached
 <unfinished ...>
[pid  5907] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5906] <... clone3 resumed> => {parent_tid=[5907]}, 88) = 5907
[pid  5907] <... rseq resumed>)         = 0
[pid  5906] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5907] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5906] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5907] <... set_robust_list resumed>) = 0
[pid  5906] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5907] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5906] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5907] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5907] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5907] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5906] <... futex resumed>)        = 0
[pid  5907] <... futex resumed>)        = 1
[pid  5906] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5907] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5906] <... futex resumed>)        = 0
[pid  5906] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5907] <... memfd_create resumed>) = 3
[pid  5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5907] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5907] munmap(0x7f4339800000, 138412032) = 0
[pid  5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5907] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5907] close(3)                    = 0
[pid  5907] close(4)                    = 0
[pid  5907] mkdir("./file7", 0777)      = 0
[pid  5907] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5907] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5907] chdir("./file7")            = 0
[pid  5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[  113.112602][ T5907] loop0: detected capacity change from 0 to 32768
[pid  5907] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5906] <... futex resumed>)        = 0
[pid  5907] mkdir(".", 0777 <unfinished ...>
[pid  5906] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5907] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5906] <... futex resumed>)        = 0
[pid  5907] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5906] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5906] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5906] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5906] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5906] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5908 attached
 <unfinished ...>
[pid  5908] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5907] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5906] <... clone3 resumed> => {parent_tid=[5908]}, 88) = 5908
[pid  5908] <... rseq resumed>)         = 0
[pid  5907] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5908] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5906] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5908] <... set_robust_list resumed>) = 0
[pid  5907] <... futex resumed>)        = 0
[pid  5906] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5908] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5907] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5908] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5906] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5908] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5906] <... futex resumed>)        = 0
[pid  5906] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5908] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5908] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5906] <... futex resumed>)        = 0
[pid  5908] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5906] exit_group(0 <unfinished ...>
[pid  5908] <... futex resumed>)        = ?
[pid  5907] <... futex resumed>)        = ?
[pid  5906] <... exit_group resumed>)   = ?
[pid  5908] +++ exited with 0 +++
[pid  5907] +++ exited with 0 +++
[pid  5906] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} ---
[  113.184210][ T5907] syz-executor359: attempt to access beyond end of device
[  113.184210][ T5907] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  113.197696][ T5907] lbmIODone: I/O error in JFS log
[  113.202808][ T5907] *** Log Format Error ! ***
[  113.209320][ T5907] lmLogInit: exit(-22)
[  113.213470][ T5907] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs")                 = 0
umount2("./25/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./25/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./25/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./25")                           = 0
mkdir("./26", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached
, child_tidptr=0x555561d54690) = 5909
[pid  5909] set_robust_list(0x555561d546a0, 24) = 0
[pid  5909] chdir("./26")               = 0
[pid  5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5909] setpgid(0, 0)               = 0
[pid  5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5909] write(3, "1000", 4)         = 4
[pid  5909] close(3)                    = 0
[pid  5909] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5909] write(1, "executing program\n", 18executing program
) = 18
[pid  5909] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5909] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5909] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5909] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5909] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5909] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5910 attached
 <unfinished ...>
[pid  5910] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5909] <... clone3 resumed> => {parent_tid=[5910]}, 88) = 5910
[pid  5910] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5909] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5910] <... set_robust_list resumed>) = 0
[pid  5909] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5910] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5909] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5910] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5909] <... futex resumed>)        = 0
[pid  5910] mkdir(NULL, 000 <unfinished ...>
[pid  5909] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5910] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5910] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5909] <... futex resumed>)        = 0
[pid  5909] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5910] <... futex resumed>)        = 1
[pid  5909] <... futex resumed>)        = 0
[pid  5910] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5909] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5910] <... memfd_create resumed>) = 3
[pid  5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5910] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5910] munmap(0x7f4339800000, 138412032) = 0
[pid  5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5910] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5910] close(3)                    = 0
[pid  5910] close(4)                    = 0
[pid  5910] mkdir("./file7", 0777)      = 0
[pid  5910] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5910] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5910] chdir("./file7")            = 0
[pid  5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5910] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5909] <... futex resumed>)        = 0
[pid  5910] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5909] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5910] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5909] <... futex resumed>)        = 0
[pid  5910] mkdir(".", 0777 <unfinished ...>
[pid  5909] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5910] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5909] <... futex resumed>)        = 0
[pid  5909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[  114.040882][ T5910] loop0: detected capacity change from 0 to 32768
[pid  5910] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5909] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5909] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5909] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5909] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5911 attached
 <unfinished ...>
[pid  5911] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5910] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5909] <... clone3 resumed> => {parent_tid=[5911]}, 88) = 5911
[pid  5911] <... rseq resumed>)         = 0
[pid  5909] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5911] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5909] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5911] <... set_robust_list resumed>) = 0
[pid  5909] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5911] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5909] <... futex resumed>)        = 0
[pid  5911] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5909] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5911] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5910] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5911] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5910] <... futex resumed>)        = 0
[pid  5911] <... futex resumed>)        = 1
[pid  5910] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5909] <... futex resumed>)        = 0
[pid  5911] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5909] exit_group(0 <unfinished ...>
[pid  5910] <... futex resumed>)        = ?
[pid  5911] <... futex resumed>)        = ?
[pid  5909] <... exit_group resumed>)   = ?
[pid  5911] +++ exited with 0 +++
[pid  5910] +++ exited with 0 +++
[pid  5909] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=22 /* 0.22 s */} ---
[  114.103253][ T5910] syz-executor359: attempt to access beyond end of device
[  114.103253][ T5910] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  114.118429][ T5910] lbmIODone: I/O error in JFS log
[  114.123550][ T5910] *** Log Format Error ! ***
[  114.129224][ T5910] lmLogInit: exit(-22)
[  114.133375][ T5910] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs")                 = 0
umount2("./26/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./26/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./26/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./26")                           = 0
mkdir("./27", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5912 attached
 <unfinished ...>
[pid  5912] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5912
[pid  5912] <... set_robust_list resumed>) = 0
[pid  5912] chdir("./27")               = 0
[pid  5912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5912] setpgid(0, 0)               = 0
[pid  5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5912] write(3, "1000", 4)         = 4
[pid  5912] close(3)                    = 0
[pid  5912] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5912] write(1, "executing program\n", 18) = 18
[pid  5912] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5912] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5912] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5912] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5912] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5912] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5913 attached
 <unfinished ...>
[pid  5913] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5912] <... clone3 resumed> => {parent_tid=[5913]}, 88) = 5913
[pid  5913] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5912] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5913] <... set_robust_list resumed>) = 0
[pid  5912] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5913] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5912] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5913] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5912] <... futex resumed>)        = 0
[pid  5913] mkdir(NULL, 000 <unfinished ...>
[pid  5912] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5913] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5913] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5912] <... futex resumed>)        = 0
[pid  5913] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5912] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5913] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5912] <... futex resumed>)        = 0
[pid  5912] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5913] memfd_create("syzkaller", 0) = 3
[pid  5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5913] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5913] munmap(0x7f4339800000, 138412032) = 0
[pid  5913] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5913] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5913] close(3)                    = 0
[pid  5913] close(4)                    = 0
[pid  5913] mkdir("./file7", 0777)      = 0
[pid  5913] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5913] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5913] chdir("./file7")            = 0
[pid  5913] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[  114.965835][ T5913] loop0: detected capacity change from 0 to 32768
[pid  5913] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5912] <... futex resumed>)        = 0
[pid  5913] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5912] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5913] <... futex resumed>)        = 0
[pid  5913] mkdir(".", 0777 <unfinished ...>
[pid  5912] <... futex resumed>)        = 1
[pid  5913] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5912] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5913] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5912] <... futex resumed>)        = 0
[pid  5912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5912] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5912] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5912] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5914 attached
 <unfinished ...>
[pid  5914] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5913] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5914] <... rseq resumed>)         = 0
[pid  5913] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5913] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5912] <... clone3 resumed> => {parent_tid=[5914]}, 88) = 5914
[pid  5912] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5914] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5912] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5914] <... set_robust_list resumed>) = 0
[pid  5912] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5914] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5912] <... futex resumed>)        = 0
[pid  5914] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5914] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5912] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5914] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5914] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5914] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5912] <... futex resumed>)        = 0
[pid  5912] exit_group(0 <unfinished ...>
[pid  5914] <... futex resumed>)        = ?
[pid  5913] <... futex resumed>)        = ?
[pid  5912] <... exit_group resumed>)   = ?
[pid  5914] +++ exited with 0 +++
[pid  5913] +++ exited with 0 +++
[pid  5912] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=22 /* 0.22 s */} ---
[  115.046683][ T5913] syz-executor359: attempt to access beyond end of device
[  115.046683][ T5913] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  115.061565][ T5913] lbmIODone: I/O error in JFS log
[  115.066867][ T5913] *** Log Format Error ! ***
[  115.072924][ T5913] lmLogInit: exit(-22)
[  115.077162][ T5913] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./27/binderfs")                 = 0
umount2("./27/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./27/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./27/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./27")                           = 0
mkdir("./28", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5915 attached
, child_tidptr=0x555561d54690) = 5915
[pid  5915] set_robust_list(0x555561d546a0, 24) = 0
[pid  5915] chdir("./28")               = 0
[pid  5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5915] setpgid(0, 0)               = 0
[pid  5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5915] write(3, "1000", 4)         = 4
[pid  5915] close(3)                    = 0
[pid  5915] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5915] write(1, "executing program\n", 18) = 18
[pid  5915] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5915] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5915] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5915] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5916 attached
 <unfinished ...>
[pid  5916] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5915] <... clone3 resumed> => {parent_tid=[5916]}, 88) = 5916
[pid  5916] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5915] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5916] <... set_robust_list resumed>) = 0
[pid  5915] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5916] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5915] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5916] mkdir(NULL, 000 <unfinished ...>
[pid  5915] <... futex resumed>)        = 0
[pid  5916] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5915] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5916] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5915] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5916] <... futex resumed>)        = 0
[pid  5916] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5915] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5916] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5916] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5915] <... futex resumed>)        = 0
[pid  5916] <... memfd_create resumed>) = 3
[pid  5915] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5916] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5916] munmap(0x7f4339800000, 138412032) = 0
[pid  5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5916] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5916] close(3)                    = 0
[pid  5916] close(4)                    = 0
[pid  5916] mkdir("./file7", 0777)      = 0
[pid  5916] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5916] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5916] chdir("./file7")            = 0
[pid  5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5916] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5915] <... futex resumed>)        = 0
[pid  5916] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5915] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5916] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5916] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5915] <... futex resumed>)        = 0
[pid  5916] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5915] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  115.804377][ T5916] loop0: detected capacity change from 0 to 32768
[pid  5915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5915] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5917 attached
 <unfinished ...>
[pid  5917] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5915] <... clone3 resumed> => {parent_tid=[5917]}, 88) = 5917
[pid  5917] <... rseq resumed>)         = 0
[pid  5915] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5917] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5915] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5917] <... set_robust_list resumed>) = 0
[pid  5915] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5917] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5915] <... futex resumed>)        = 0
[pid  5917] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5915] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5917] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5916] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5917] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5916] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5917] <... futex resumed>)        = 1
[pid  5916] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5915] <... futex resumed>)        = 0
[pid  5917] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5915] exit_group(0 <unfinished ...>
[pid  5916] <... futex resumed>)        = ?
[pid  5915] <... exit_group resumed>)   = ?
[pid  5917] <... futex resumed>)        = ?
[pid  5917] +++ exited with 0 +++
[pid  5916] +++ exited with 0 +++
[pid  5915] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
[  115.853284][ T5916] syz-executor359: attempt to access beyond end of device
[  115.853284][ T5916] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  115.868936][ T5916] lbmIODone: I/O error in JFS log
[  115.874079][ T5916] *** Log Format Error ! ***
[  115.879201][ T5916] lmLogInit: exit(-22)
[  115.883354][ T5916] lmLogOpen: exit(-22)
umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./28/binderfs")                 = 0
umount2("./28/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./28/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./28/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./28")                           = 0
mkdir("./29", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5918 attached
, child_tidptr=0x555561d54690) = 5918
[pid  5918] set_robust_list(0x555561d546a0, 24) = 0
[pid  5918] chdir("./29")               = 0
[pid  5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5918] setpgid(0, 0)               = 0
[pid  5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5918] write(3, "1000", 4)         = 4
[pid  5918] close(3)                    = 0
[pid  5918] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5918] write(1, "executing program\n", 18) = 18
[pid  5918] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5918] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5918] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5918] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5918] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5918] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5918] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5919 attached
 <unfinished ...>
[pid  5919] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5919] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5918] <... clone3 resumed> => {parent_tid=[5919]}, 88) = 5919
[pid  5919] <... set_robust_list resumed>) = 0
[pid  5918] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5919] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5918] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5919] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5918] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5919] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5918] <... futex resumed>)        = 0
[pid  5919] mkdir(NULL, 000 <unfinished ...>
[pid  5918] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5919] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5919] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5918] <... futex resumed>)        = 0
[pid  5919] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5918] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5919] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5918] <... futex resumed>)        = 0
[pid  5919] <... memfd_create resumed>) = 3
[pid  5918] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5919] munmap(0x7f4339800000, 138412032) = 0
[pid  5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5919] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5919] close(3)                    = 0
[pid  5919] close(4)                    = 0
[pid  5919] mkdir("./file7", 0777)      = 0
[  116.512361][ T5919] loop0: detected capacity change from 0 to 32768
[pid  5919] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5919] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5919] chdir("./file7")            = 0
[pid  5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5919] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5918] <... futex resumed>)        = 0
[pid  5919] mkdir(".", 0777 <unfinished ...>
[pid  5918] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5919] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5918] <... futex resumed>)        = 0
[pid  5918] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5919] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5918] <... futex resumed>)        = 0
[pid  5918] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5918] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5918] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5918] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5920 attached
 <unfinished ...>
[pid  5920] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5918] <... clone3 resumed> => {parent_tid=[5920]}, 88) = 5920
[pid  5920] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5918] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5920] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5918] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5920] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5918] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5920] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5918] <... futex resumed>)        = 0
[pid  5918] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5920] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5920] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5918] <... futex resumed>)        = 0
[pid  5920] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5919] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5919] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5919] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5918] exit_group(0 <unfinished ...>
[pid  5920] <... futex resumed>)        = ?
[pid  5919] <... futex resumed>)        = ?
[pid  5918] <... exit_group resumed>)   = ?
[pid  5920] +++ exited with 0 +++
[pid  5919] +++ exited with 0 +++
[pid  5918] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5918, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  116.613315][ T5919] syz-executor359: attempt to access beyond end of device
[  116.613315][ T5919] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  116.628117][ T5919] lbmIODone: I/O error in JFS log
[  116.633904][ T5919] *** Log Format Error ! ***
[  116.639160][ T5919] lmLogInit: exit(-22)
[  116.643321][ T5919] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./29/binderfs")                 = 0
umount2("./29/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./29/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./29/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./29")                           = 0
mkdir("./30", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5921 attached
 <unfinished ...>
[pid  5921] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5921
[pid  5921] <... set_robust_list resumed>) = 0
[pid  5921] chdir("./30")               = 0
[pid  5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5921] setpgid(0, 0)               = 0
[pid  5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5921] write(3, "1000", 4)         = 4
[pid  5921] close(3)                    = 0
[pid  5921] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5921] write(1, "executing program\n", 18) = 18
[pid  5921] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5921] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5921] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5921] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5921] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5921] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5921] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5922 attached
 <unfinished ...>
[pid  5922] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5921] <... clone3 resumed> => {parent_tid=[5922]}, 88) = 5922
[pid  5922] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5921] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5922] <... set_robust_list resumed>) = 0
[pid  5921] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5922] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5921] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5922] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5921] <... futex resumed>)        = 0
[pid  5922] mkdir(NULL, 000 <unfinished ...>
[pid  5921] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5922] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5922] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5921] <... futex resumed>)        = 0
[pid  5922] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5921] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5922] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5921] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5922] memfd_create("syzkaller", 0) = 3
[pid  5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5922] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5922] munmap(0x7f4339800000, 138412032) = 0
[pid  5922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5922] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5922] close(3)                    = 0
[pid  5922] close(4)                    = 0
[pid  5922] mkdir("./file7", 0777)      = 0
[pid  5922] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5922] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5922] chdir("./file7")            = 0
[pid  5922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5922] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5921] <... futex resumed>)        = 0
[pid  5922] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5921] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5922] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5922] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5921] <... futex resumed>)        = 0
[pid  5922] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5921] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  117.314327][ T5922] loop0: detected capacity change from 0 to 32768
[pid  5921] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5921] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5921] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5921] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5923 attached
 <unfinished ...>
[pid  5923] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5921] <... clone3 resumed> => {parent_tid=[5923]}, 88) = 5923
[pid  5923] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5921] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5923] <... set_robust_list resumed>) = 0
[pid  5923] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5921] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5923] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5921] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5923] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5921] <... futex resumed>)        = 0
[pid  5921] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5922] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5922] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5923] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5922] <... futex resumed>)        = 0
[pid  5923] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5922] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5923] <... futex resumed>)        = 1
[pid  5921] <... futex resumed>)        = 0
[pid  5923] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5921] exit_group(0 <unfinished ...>
[pid  5923] <... futex resumed>)        = ?
[pid  5922] <... futex resumed>)        = ?
[pid  5921] <... exit_group resumed>)   = ?
[pid  5923] +++ exited with 0 +++
[pid  5922] +++ exited with 0 +++
[pid  5921] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} ---
umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  117.363446][ T5922] syz-executor359: attempt to access beyond end of device
[  117.363446][ T5922] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  117.377057][ T5922] lbmIODone: I/O error in JFS log
[  117.382246][ T5922] *** Log Format Error ! ***
[  117.387412][ T5922] lmLogInit: exit(-22)
[  117.391564][ T5922] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs")                 = 0
umount2("./30/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./30/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./30/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./30")                           = 0
mkdir("./31", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5924 attached
, child_tidptr=0x555561d54690) = 5924
[pid  5924] set_robust_list(0x555561d546a0, 24) = 0
[pid  5924] chdir("./31")               = 0
[pid  5924] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5924] setpgid(0, 0)               = 0
[pid  5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5924] write(3, "1000", 4)         = 4
[pid  5924] close(3)                    = 0
[pid  5924] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5924] write(1, "executing program\n", 18) = 18
[pid  5924] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5924] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5924] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5924] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5924] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5924] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5925 attached
 <unfinished ...>
[pid  5925] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5924] <... clone3 resumed> => {parent_tid=[5925]}, 88) = 5925
[pid  5925] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5924] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5925] <... set_robust_list resumed>) = 0
[pid  5924] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5925] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5924] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5925] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5925] mkdir(NULL, 000 <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5925] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5924] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5925] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5924] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5925] <... futex resumed>)        = 0
[pid  5924] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5925] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5924] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5925] <... memfd_create resumed>) = 3
[pid  5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5925] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5925] munmap(0x7f4339800000, 138412032) = 0
[pid  5925] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5925] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5925] close(3)                    = 0
[pid  5925] close(4)                    = 0
[pid  5925] mkdir("./file7", 0777)      = 0
[pid  5925] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5925] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5925] chdir("./file7")            = 0
[pid  5925] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[  118.109588][ T5925] loop0: detected capacity change from 0 to 32768
[pid  5925] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5924] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5925] <... futex resumed>)        = 1
[pid  5924] <... futex resumed>)        = 0
[pid  5924] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5925] mkdir(".", 0777 <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5925] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5925] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5924] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5924] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5924] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5924] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5926 attached
 => {parent_tid=[5926]}, 88) = 5926
[pid  5926] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5924] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5926] <... rseq resumed>)         = 0
[pid  5924] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5926] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5924] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5926] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5926] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5924] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5926] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5926] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5926] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5924] <... futex resumed>)        = 0
[pid  5925] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5925] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5925] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5924] exit_group(0 <unfinished ...>
[pid  5926] <... futex resumed>)        = ?
[pid  5925] <... futex resumed>)        = ?
[pid  5926] +++ exited with 0 +++
[pid  5925] +++ exited with 0 +++
[pid  5924] <... exit_group resumed>)   = ?
[pid  5924] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  118.182287][ T5925] syz-executor359: attempt to access beyond end of device
[  118.182287][ T5925] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  118.197678][ T5925] lbmIODone: I/O error in JFS log
[  118.202983][ T5925] *** Log Format Error ! ***
[  118.208210][ T5925] lmLogInit: exit(-22)
[  118.212371][ T5925] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs")                 = 0
umount2("./31/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./31/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./31/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./31")                           = 0
mkdir("./32", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5927 attached
, child_tidptr=0x555561d54690) = 5927
[pid  5927] set_robust_list(0x555561d546a0, 24) = 0
[pid  5927] chdir("./32")               = 0
[pid  5927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5927] setpgid(0, 0)               = 0
[pid  5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5927] write(3, "1000", 4)         = 4
[pid  5927] close(3)                    = 0
[pid  5927] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5927] write(1, "executing program\n", 18executing program
) = 18
[pid  5927] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5927] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5927] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5927] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5927] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5927] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5928 attached
 <unfinished ...>
[pid  5928] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5927] <... clone3 resumed> => {parent_tid=[5928]}, 88) = 5928
[pid  5928] <... rseq resumed>)         = 0
[pid  5928] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5927] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5928] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5927] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5928] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5927] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5928] mkdir(NULL, 000 <unfinished ...>
[pid  5927] <... futex resumed>)        = 0
[pid  5927] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5928] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5928] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5927] <... futex resumed>)        = 0
[pid  5927] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5928] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5927] <... futex resumed>)        = 0
[pid  5927] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5928] <... memfd_create resumed>) = 3
[pid  5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5928] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5928] munmap(0x7f4339800000, 138412032) = 0
[pid  5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5928] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5928] close(3)                    = 0
[pid  5928] close(4)                    = 0
[pid  5928] mkdir("./file7", 0777)      = 0
[pid  5928] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5928] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[  118.906725][ T5928] loop0: detected capacity change from 0 to 32768
[pid  5928] chdir("./file7")            = 0
[pid  5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5928] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5927] <... futex resumed>)        = 0
[pid  5928] mkdir(".", 0777 <unfinished ...>
[pid  5927] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5928] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5928] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5927] <... futex resumed>)        = 0
[pid  5927] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5927] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5927] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5927] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5929 attached
 => {parent_tid=[5929]}, 88) = 5929
[pid  5929] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5927] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5929] <... rseq resumed>)         = 0
[pid  5927] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5929] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5927] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5929] <... set_robust_list resumed>) = 0
[pid  5927] <... futex resumed>)        = 0
[pid  5929] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5927] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5929] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5929] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5928] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5929] <... futex resumed>)        = 1
[pid  5927] <... futex resumed>)        = 0
[pid  5929] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5928] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5928] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5927] exit_group(0 <unfinished ...>
[pid  5929] <... futex resumed>)        = ?
[pid  5928] <... futex resumed>)        = ?
[pid  5927] <... exit_group resumed>)   = ?
[pid  5929] +++ exited with 0 +++
[pid  5928] +++ exited with 0 +++
[pid  5927] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  118.999683][ T5928] syz-executor359: attempt to access beyond end of device
[  118.999683][ T5928] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  119.013600][ T5928] lbmIODone: I/O error in JFS log
[  119.018736][ T5928] *** Log Format Error ! ***
[  119.024932][ T5928] lmLogInit: exit(-22)
[  119.029347][ T5928] lmLogOpen: exit(-22)
umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs")                 = 0
umount2("./32/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./32/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./32/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./32")                           = 0
mkdir("./33", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5930 attached
, child_tidptr=0x555561d54690) = 5930
[pid  5930] set_robust_list(0x555561d546a0, 24) = 0
[pid  5930] chdir("./33")               = 0
[pid  5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5930] setpgid(0, 0)               = 0
[pid  5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5930] write(3, "1000", 4)         = 4
[pid  5930] close(3)                    = 0
[pid  5930] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5930] write(1, "executing program\n", 18) = 18
[pid  5930] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5930] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5930] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5930] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5930] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5930] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5930] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5931 attached
 => {parent_tid=[5931]}, 88) = 5931
[pid  5931] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5930] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5931] <... rseq resumed>)         = 0
[pid  5930] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5931] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5930] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5931] <... set_robust_list resumed>) = 0
[pid  5931] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5930] <... futex resumed>)        = 0
[pid  5931] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5930] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5931] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5931] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5931] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5930] <... futex resumed>)        = 0
[pid  5930] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5931] <... futex resumed>)        = 0
[pid  5930] <... futex resumed>)        = 1
[pid  5930] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5931] memfd_create("syzkaller", 0) = 3
[pid  5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5931] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5931] munmap(0x7f4339800000, 138412032) = 0
[pid  5931] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5931] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5931] close(3)                    = 0
[pid  5931] close(4)                    = 0
[pid  5931] mkdir("./file7", 0777)      = 0
[pid  5931] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5931] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5931] chdir("./file7")            = 0
[  119.839235][ T5931] loop0: detected capacity change from 0 to 32768
[pid  5931] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5931] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5930] <... futex resumed>)        = 0
[pid  5931] mkdir(".", 0777 <unfinished ...>
[pid  5930] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5931] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5930] <... futex resumed>)        = 0
[pid  5930] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5931] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5930] <... futex resumed>)        = 0
[pid  5930] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5930] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5930] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5930] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5932 attached
 <unfinished ...>
[pid  5932] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5930] <... clone3 resumed> => {parent_tid=[5932]}, 88) = 5932
[pid  5932] <... rseq resumed>)         = 0
[pid  5932] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5930] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5932] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5930] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5932] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5932] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5930] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5930] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5932] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5932] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5931] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5930] <... futex resumed>)        = 0
[pid  5932] <... futex resumed>)        = 1
[pid  5932] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5931] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5931] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5930] exit_group(0 <unfinished ...>
[pid  5932] <... futex resumed>)        = ?
[pid  5931] <... futex resumed>)        = ?
[pid  5932] +++ exited with 0 +++
[pid  5931] +++ exited with 0 +++
[pid  5930] <... exit_group resumed>)   = ?
[pid  5930] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  119.911874][ T5931] syz-executor359: attempt to access beyond end of device
[  119.911874][ T5931] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  119.925304][ T5931] lbmIODone: I/O error in JFS log
[  119.930472][ T5931] *** Log Format Error ! ***
[  119.935535][ T5931] lmLogInit: exit(-22)
[  119.939942][ T5931] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs")                 = 0
umount2("./33/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./33/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./33/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./33")                           = 0
mkdir("./34", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5933 attached
 <unfinished ...>
[pid  5933] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5933
[pid  5933] <... set_robust_list resumed>) = 0
[pid  5933] chdir("./34")               = 0
[pid  5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5933] setpgid(0, 0)               = 0
[pid  5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5933] write(3, "1000", 4)         = 4
[pid  5933] close(3)                    = 0
[pid  5933] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5933] write(1, "executing program\n", 18) = 18
[pid  5933] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5933] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5933] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5933] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5933] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5933] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5933] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5934 attached
 <unfinished ...>
[pid  5934] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5933] <... clone3 resumed> => {parent_tid=[5934]}, 88) = 5934
[pid  5934] <... rseq resumed>)         = 0
[pid  5934] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5933] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5934] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5933] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5934] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5933] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5934] mkdir(NULL, 000 <unfinished ...>
[pid  5933] <... futex resumed>)        = 0
[pid  5934] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5933] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5934] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5933] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5934] <... futex resumed>)        = 0
[pid  5933] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5933] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5934] memfd_create("syzkaller", 0) = 3
[pid  5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5934] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5934] munmap(0x7f4339800000, 138412032) = 0
[pid  5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5934] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5934] close(3)                    = 0
[pid  5934] close(4)                    = 0
[pid  5934] mkdir("./file7", 0777)      = 0
[pid  5934] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5934] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5934] chdir("./file7")            = 0
[pid  5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5934] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5933] <... futex resumed>)        = 0
[pid  5934] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5933] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5934] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5933] <... futex resumed>)        = 0
[pid  5934] mkdir(".", 0777 <unfinished ...>
[pid  5933] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5934] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5933] <... futex resumed>)        = 0
[pid  5933] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5934] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5933] <... mmap resumed>)         = 0x7f4341d5e000
[  120.691949][ T5934] loop0: detected capacity change from 0 to 32768
[pid  5933] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5933] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5933] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5935 attached
 <unfinished ...>
[pid  5935] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5935] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5935] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5933] <... clone3 resumed> => {parent_tid=[5935]}, 88) = 5935
[pid  5935] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5933] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5933] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5935] <... futex resumed>)        = 0
[pid  5933] <... futex resumed>)        = 1
[pid  5935] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5933] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5935] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5935] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5933] <... futex resumed>)        = 0
[pid  5935] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5934] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5934] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5934] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5933] exit_group(0)               = ?
[pid  5935] <... futex resumed>)        = ?
[pid  5934] <... futex resumed>)        = ?
[pid  5935] +++ exited with 0 +++
[pid  5934] +++ exited with 0 +++
[pid  5933] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=15 /* 0.15 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  120.749639][ T5934] syz-executor359: attempt to access beyond end of device
[  120.749639][ T5934] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  120.766389][ T5934] lbmIODone: I/O error in JFS log
[  120.772138][ T5934] *** Log Format Error ! ***
[  120.777262][ T5934] lmLogInit: exit(-22)
[  120.781403][ T5934] lmLogOpen: exit(-22)
umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs")                 = 0
umount2("./34/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./34/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./34/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./34")                           = 0
mkdir("./35", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5936 attached
 <unfinished ...>
[pid  5936] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5936
[pid  5936] <... set_robust_list resumed>) = 0
[pid  5936] chdir("./35")               = 0
[pid  5936] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5936] setpgid(0, 0)               = 0
[pid  5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5936] write(3, "1000", 4)         = 4
[pid  5936] close(3)                    = 0
[pid  5936] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5936] write(1, "executing program\n", 18) = 18
[pid  5936] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5936] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5936] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5936] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5936] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5936] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5936] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5937 attached
 <unfinished ...>
[pid  5937] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5937] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5936] <... clone3 resumed> => {parent_tid=[5937]}, 88) = 5937
[pid  5937] <... set_robust_list resumed>) = 0
[pid  5936] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5937] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5936] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5937] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5936] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5937] mkdir(NULL, 000 <unfinished ...>
[pid  5936] <... futex resumed>)        = 0
[pid  5937] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5936] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5937] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5936] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5937] <... futex resumed>)        = 0
[pid  5936] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5937] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5936] <... futex resumed>)        = 0
[pid  5936] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5937] <... memfd_create resumed>) = 3
[pid  5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5937] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5937] munmap(0x7f4339800000, 138412032) = 0
[pid  5937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5937] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5937] close(3)                    = 0
[pid  5937] close(4)                    = 0
[pid  5937] mkdir("./file7", 0777)      = 0
[pid  5937] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5937] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5937] chdir("./file7")            = 0
[pid  5937] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5937] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5936] <... futex resumed>)        = 0
[pid  5936] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5937] <... futex resumed>)        = 1
[pid  5936] <... futex resumed>)        = 0
[pid  5937] mkdir(".", 0777 <unfinished ...>
[pid  5936] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5937] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5936] <... futex resumed>)        = 0
[pid  5937] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5936] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[  121.542258][ T5937] loop0: detected capacity change from 0 to 32768
[pid  5936] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5936] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5936] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5938 attached
 <unfinished ...>
[pid  5938] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5936] <... clone3 resumed> => {parent_tid=[5938]}, 88) = 5938
[pid  5938] <... rseq resumed>)         = 0
[pid  5936] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5938] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5936] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5938] <... set_robust_list resumed>) = 0
[pid  5938] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5936] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5938] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5936] <... futex resumed>)        = 0
[pid  5938] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5936] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5938] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5938] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5936] <... futex resumed>)        = 0
[pid  5938] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5937] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5937] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5937] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5936] exit_group(0 <unfinished ...>
[pid  5938] <... futex resumed>)        = ?
[pid  5937] <... futex resumed>)        = ?
[pid  5936] <... exit_group resumed>)   = ?
[pid  5938] +++ exited with 0 +++
[pid  5937] +++ exited with 0 +++
[pid  5936] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=17 /* 0.17 s */} ---
[  121.604424][ T5937] syz-executor359: attempt to access beyond end of device
[  121.604424][ T5937] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  121.619749][ T5937] lbmIODone: I/O error in JFS log
[  121.625151][ T5937] *** Log Format Error ! ***
[  121.630934][ T5937] lmLogInit: exit(-22)
[  121.635365][ T5937] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./35/binderfs")                 = 0
umount2("./35/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./35/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./35/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./35")                           = 0
mkdir("./36", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5939 attached
, child_tidptr=0x555561d54690) = 5939
[pid  5939] set_robust_list(0x555561d546a0, 24) = 0
[pid  5939] chdir("./36")               = 0
[pid  5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5939] setpgid(0, 0)               = 0
[pid  5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5939] write(3, "1000", 4)         = 4
[pid  5939] close(3)                    = 0
[pid  5939] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5939] write(1, "executing program\n", 18) = 18
[pid  5939] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5939] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5939] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5939] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5939] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5939] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5940 attached
 <unfinished ...>
[pid  5940] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5940] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5939] <... clone3 resumed> => {parent_tid=[5940]}, 88) = 5940
[pid  5940] <... set_robust_list resumed>) = 0
[pid  5939] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5940] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5939] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5940] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5939] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5940] mkdir(NULL, 000 <unfinished ...>
[pid  5939] <... futex resumed>)        = 0
[pid  5940] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5939] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5940] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5939] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5940] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5939] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5940] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5939] <... futex resumed>)        = 0
[pid  5940] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5939] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5940] <... memfd_create resumed>) = 3
[pid  5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5940] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5940] munmap(0x7f4339800000, 138412032) = 0
[pid  5940] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5940] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5940] close(3)                    = 0
[pid  5940] close(4)                    = 0
[pid  5940] mkdir("./file7", 0777)      = 0
[pid  5940] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5940] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[  122.348964][ T5940] loop0: detected capacity change from 0 to 32768
[pid  5940] chdir("./file7")            = 0
[pid  5940] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5940] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5939] <... futex resumed>)        = 0
[pid  5940] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5939] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5940] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5939] <... futex resumed>)        = 0
[pid  5940] mkdir(".", 0777 <unfinished ...>
[pid  5939] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5940] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5939] <... futex resumed>)        = 0
[pid  5940] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5939] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5939] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5939] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5941 attached
 <unfinished ...>
[pid  5941] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5939] <... clone3 resumed> => {parent_tid=[5941]}, 88) = 5941
[pid  5941] <... rseq resumed>)         = 0
[pid  5941] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5939] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5941] <... set_robust_list resumed>) = 0
[pid  5939] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5941] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5939] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5941] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5939] <... futex resumed>)        = 0
[pid  5941] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5939] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5941] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5941] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5939] <... futex resumed>)        = 0
[pid  5941] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5940] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5940] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5940] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5939] exit_group(0 <unfinished ...>
[pid  5940] <... futex resumed>)        = ?
[pid  5939] <... exit_group resumed>)   = ?
[pid  5941] <... futex resumed>)        = ?
[pid  5940] +++ exited with 0 +++
[pid  5941] +++ exited with 0 +++
[pid  5939] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=16 /* 0.16 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  122.418337][ T5940] syz-executor359: attempt to access beyond end of device
[  122.418337][ T5940] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  122.431828][ T5940] lbmIODone: I/O error in JFS log
[  122.437455][ T5940] *** Log Format Error ! ***
[  122.443152][ T5940] lmLogInit: exit(-22)
[  122.447640][ T5940] lmLogOpen: exit(-22)
umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./36/binderfs")                 = 0
umount2("./36/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./36/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./36/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./36")                           = 0
mkdir("./37", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached
, child_tidptr=0x555561d54690) = 5942
[pid  5942] set_robust_list(0x555561d546a0, 24) = 0
[pid  5942] chdir("./37")               = 0
[pid  5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5942] setpgid(0, 0)               = 0
[pid  5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5942] write(3, "1000", 4)         = 4
[pid  5942] close(3)                    = 0
[pid  5942] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5942] write(1, "executing program\n", 18) = 18
[pid  5942] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5942] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5942] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5942] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5942] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5942] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5942] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5943 attached
 <unfinished ...>
[pid  5943] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5942] <... clone3 resumed> => {parent_tid=[5943]}, 88) = 5943
[pid  5943] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5942] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5943] <... set_robust_list resumed>) = 0
[pid  5942] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5943] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5942] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5943] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5942] <... futex resumed>)        = 0
[pid  5943] mkdir(NULL, 000 <unfinished ...>
[pid  5942] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5943] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5943] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5942] <... futex resumed>)        = 0
[pid  5943] <... futex resumed>)        = 1
[pid  5942] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5943] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5942] <... futex resumed>)        = 0
[pid  5942] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5943] <... memfd_create resumed>) = 3
[pid  5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5943] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5943] munmap(0x7f4339800000, 138412032) = 0
[pid  5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5943] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5943] close(3)                    = 0
[pid  5943] close(4)                    = 0
[pid  5943] mkdir("./file7", 0777)      = 0
[pid  5943] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5943] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5943] chdir("./file7")            = 0
[pid  5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5943] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5942] <... futex resumed>)        = 0
[pid  5943] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5942] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5943] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5942] <... futex resumed>)        = 0
[pid  5943] mkdir(".", 0777 <unfinished ...>
[pid  5942] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5943] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5942] <... futex resumed>)        = 0
[pid  5943] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5942] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5942] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[  123.231714][ T5943] loop0: detected capacity change from 0 to 32768
[pid  5942] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5942] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5945 attached
 <unfinished ...>
[pid  5945] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5942] <... clone3 resumed> => {parent_tid=[5945]}, 88) = 5945
[pid  5945] <... rseq resumed>)         = 0
[pid  5942] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5945] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5942] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5945] <... set_robust_list resumed>) = 0
[pid  5942] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5945] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5942] <... futex resumed>)        = 0
[pid  5945] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5942] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5945] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5945] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5942] <... futex resumed>)        = 0
[pid  5945] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5943] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5943] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5943] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5942] exit_group(0 <unfinished ...>
[pid  5945] <... futex resumed>)        = ?
[pid  5943] <... futex resumed>)        = ?
[pid  5942] <... exit_group resumed>)   = ?
[pid  5945] +++ exited with 0 +++
[pid  5943] +++ exited with 0 +++
[pid  5942] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  123.293528][ T5943] syz-executor359: attempt to access beyond end of device
[  123.293528][ T5943] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  123.309458][ T5943] lbmIODone: I/O error in JFS log
[  123.314535][ T5943] *** Log Format Error ! ***
[  123.320518][ T5943] lmLogInit: exit(-22)
[  123.324778][ T5943] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./37/binderfs")                 = 0
umount2("./37/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./37/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./37/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./37")                           = 0
mkdir("./38", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5948 attached
, child_tidptr=0x555561d54690) = 5948
[pid  5948] set_robust_list(0x555561d546a0, 24) = 0
[pid  5948] chdir("./38")               = 0
[pid  5948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5948] setpgid(0, 0)               = 0
[pid  5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5948] write(3, "1000", 4)         = 4
[pid  5948] close(3)                    = 0
[pid  5948] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5948] write(1, "executing program\n", 18) = 18
[pid  5948] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5948] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5948] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5948] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5948] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5949 attached
 => {parent_tid=[5949]}, 88) = 5949
[pid  5949] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5948] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5949] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5948] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5949] <... set_robust_list resumed>) = 0
[pid  5948] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5949] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5948] <... futex resumed>)        = 0
[pid  5949] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5948] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5949] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5949] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5948] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5949] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5948] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5949] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5948] <... futex resumed>)        = 0
[pid  5949] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5948] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5949] <... memfd_create resumed>) = 3
[pid  5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5949] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5949] munmap(0x7f4339800000, 138412032) = 0
[pid  5949] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5949] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5949] close(3)                    = 0
[pid  5949] close(4)                    = 0
[pid  5949] mkdir("./file7", 0777)      = 0
[pid  5949] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5949] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5949] chdir("./file7")            = 0
[pid  5949] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5949] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5948] <... futex resumed>)        = 0
[pid  5949] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5948] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5949] <... futex resumed>)        = 0
[pid  5948] <... futex resumed>)        = 1
[pid  5949] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5949] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5948] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  124.090721][ T5949] loop0: detected capacity change from 0 to 32768
[  124.129585][ T5949] syz-executor359: attempt to access beyond end of device
[pid  5948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5948] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5948] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} => {parent_tid=[5951]}, 88) = 5951
[pid  5948] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5948] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5948] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5951 attached
 <unfinished ...>
[pid  5951] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5951] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5951] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5951] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5951] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5948] <... futex resumed>)        = 0
[pid  5951] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5949] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5949] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5948] exit_group(0 <unfinished ...>
[pid  5951] <... futex resumed>)        = ?
[pid  5949] <... futex resumed>)        = ?
[pid  5951] +++ exited with 0 +++
[pid  5949] +++ exited with 0 +++
[pid  5948] <... exit_group resumed>)   = ?
[pid  5948] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./38/binderfs")                 = 0
[  124.129585][ T5949] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  124.147770][ T5949] lbmIODone: I/O error in JFS log
[  124.153972][ T5949] *** Log Format Error ! ***
[  124.159758][ T5949] lmLogInit: exit(-22)
[  124.163912][ T5949] lmLogOpen: exit(-22)
umount2("./38/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./38/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./38/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./38")                           = 0
mkdir("./39", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5952 attached
, child_tidptr=0x555561d54690) = 5952
[pid  5952] set_robust_list(0x555561d546a0, 24) = 0
[pid  5952] chdir("./39")               = 0
[pid  5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5952] setpgid(0, 0)               = 0
[pid  5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5952] write(3, "1000", 4)         = 4
[pid  5952] close(3)                    = 0
[pid  5952] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5952] write(1, "executing program\n", 18) = 18
[pid  5952] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5952] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5952] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5952] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5952] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5952] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5953 attached
 <unfinished ...>
[pid  5953] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5953] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5952] <... clone3 resumed> => {parent_tid=[5953]}, 88) = 5953
[pid  5953] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5952] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5953] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5952] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5953] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5952] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5953] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5952] <... futex resumed>)        = 0
[pid  5953] mkdir(NULL, 000 <unfinished ...>
[pid  5952] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5953] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5953] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5952] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5953] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5952] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5953] <... memfd_create resumed>) = 3
[pid  5952] <... futex resumed>)        = 0
[pid  5952] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5953] munmap(0x7f4339800000, 138412032) = 0
[pid  5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5953] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5953] close(3)                    = 0
[pid  5953] close(4)                    = 0
[pid  5953] mkdir("./file7", 0777)      = 0
[pid  5953] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5953] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5953] chdir("./file7")            = 0
[pid  5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5953] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5952] <... futex resumed>)        = 0
[pid  5953] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5952] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5953] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5952] <... futex resumed>)        = 0
[pid  5953] mkdir(".", 0777 <unfinished ...>
[  124.831036][ T5953] loop0: detected capacity change from 0 to 32768
[pid  5952] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5953] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5952] <... futex resumed>)        = 0
[pid  5953] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5952] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5952] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5952] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5954 attached
 <unfinished ...>
[pid  5954] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5952] <... clone3 resumed> => {parent_tid=[5954]}, 88) = 5954
[pid  5954] <... rseq resumed>)         = 0
[pid  5952] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5954] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5952] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5952] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5954] <... set_robust_list resumed>) = 0
[pid  5952] <... futex resumed>)        = 0
[pid  5954] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5952] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5954] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5954] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5953] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5954] <... futex resumed>)        = 1
[pid  5952] <... futex resumed>)        = 0
[pid  5954] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5953] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5952] exit_group(0 <unfinished ...>
[pid  5953] <... futex resumed>)        = 0
[pid  5954] <... futex resumed>)        = ?
[pid  5952] <... exit_group resumed>)   = ?
[pid  5954] +++ exited with 0 +++
[pid  5953] +++ exited with 0 +++
[pid  5952] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=19 /* 0.19 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[  124.903292][ T5953] syz-executor359: attempt to access beyond end of device
[  124.903292][ T5953] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  124.916773][ T5953] lbmIODone: I/O error in JFS log
[  124.922203][ T5953] *** Log Format Error ! ***
[  124.928043][ T5953] lmLogInit: exit(-22)
[  124.932172][ T5953] lmLogOpen: exit(-22)
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./39/binderfs")                 = 0
umount2("./39/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./39/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./39/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./39/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./39")                           = 0
mkdir("./40", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5957 attached
, child_tidptr=0x555561d54690) = 5957
[pid  5957] set_robust_list(0x555561d546a0, 24) = 0
[pid  5957] chdir("./40")               = 0
[pid  5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5957] setpgid(0, 0)               = 0
[pid  5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5957] write(3, "1000", 4)         = 4
[pid  5957] close(3)                    = 0
[pid  5957] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5957] write(1, "executing program\n", 18) = 18
[pid  5957] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5957] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5957] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5957] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5957] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5957] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5958 attached
 <unfinished ...>
[pid  5958] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5957] <... clone3 resumed> => {parent_tid=[5958]}, 88) = 5958
[pid  5958] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5958] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5957] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5958] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5957] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5958] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5957] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5958] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5957] <... futex resumed>)        = 0
[pid  5958] mkdir(NULL, 000 <unfinished ...>
[pid  5957] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5958] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5958] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5957] <... futex resumed>)        = 0
[pid  5958] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  5957] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5957] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5958] memfd_create("syzkaller", 0) = 3
[pid  5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5958] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5958] munmap(0x7f4339800000, 138412032) = 0
[pid  5958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5958] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5958] close(3)                    = 0
[pid  5958] close(4)                    = 0
[pid  5958] mkdir("./file7", 0777)      = 0
[pid  5958] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5958] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5958] chdir("./file7")            = 0
[pid  5958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5958] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5957] <... futex resumed>)        = 0
[pid  5958] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5957] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  125.712853][ T5958] loop0: detected capacity change from 0 to 32768
[pid  5957] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5958] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5957] <... futex resumed>)        = 0
[pid  5958] mkdir(".", 0777 <unfinished ...>
[pid  5957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid  5958] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5957] <... mmap resumed>)         = 0x7f4341d5e000
[pid  5958] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5957] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5957] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5957] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5959 attached
 <unfinished ...>
[pid  5959] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5959] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5957] <... clone3 resumed> => {parent_tid=[5959]}, 88) = 5959
[pid  5959] <... set_robust_list resumed>) = 0
[pid  5957] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5959] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5957] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5959] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5957] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5959] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5957] <... futex resumed>)        = 0
[pid  5957] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5959] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5959] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5957] <... futex resumed>)        = 0
[pid  5959] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5958] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5958] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5958] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5957] exit_group(0 <unfinished ...>
[pid  5959] <... futex resumed>)        = ?
[pid  5959] +++ exited with 0 +++
[pid  5958] <... futex resumed>)        = ?
[pid  5958] +++ exited with 0 +++
[pid  5957] <... exit_group resumed>)   = ?
[pid  5957] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=21 /* 0.21 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  125.779645][ T5958] syz-executor359: attempt to access beyond end of device
[  125.779645][ T5958] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  125.794580][ T5958] lbmIODone: I/O error in JFS log
[  125.800714][ T5958] *** Log Format Error ! ***
[  125.806126][ T5958] lmLogInit: exit(-22)
[  125.810305][ T5958] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./40/binderfs")                 = 0
umount2("./40/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./40/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./40/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./40")                           = 0
mkdir("./41", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5960 attached
 <unfinished ...>
[pid  5960] set_robust_list(0x555561d546a0, 24 <unfinished ...>
[pid  5829] <... clone resumed>, child_tidptr=0x555561d54690) = 5960
[pid  5960] <... set_robust_list resumed>) = 0
[pid  5960] chdir("./41")               = 0
[pid  5960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5960] setpgid(0, 0)               = 0
[pid  5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5960] write(3, "1000", 4)         = 4
[pid  5960] close(3)                    = 0
[pid  5960] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5960] write(1, "executing program\n", 18executing program
) = 18
[pid  5960] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5960] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5960] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5960] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5960] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5960] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5961 attached
 <unfinished ...>
[pid  5961] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5961] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5960] <... clone3 resumed> => {parent_tid=[5961]}, 88) = 5961
[pid  5961] <... set_robust_list resumed>) = 0
[pid  5960] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5961] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5960] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5961] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5960] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5961] mkdir(NULL, 000 <unfinished ...>
[pid  5960] <... futex resumed>)        = 0
[pid  5961] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5960] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5961] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5960] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5961] <... futex resumed>)        = 0
[pid  5960] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5961] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5960] <... futex resumed>)        = 0
[pid  5960] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5961] <... memfd_create resumed>) = 3
[pid  5961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5961] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5961] munmap(0x7f4339800000, 138412032) = 0
[pid  5961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5961] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5961] close(3)                    = 0
[pid  5961] close(4)                    = 0
[pid  5961] mkdir("./file7", 0777)      = 0
[pid  5961] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5961] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5961] chdir("./file7")            = 0
[pid  5961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5961] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5960] <... futex resumed>)        = 0
[pid  5961] <... futex resumed>)        = 1
[pid  5960] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5961] mkdir(".", 0777 <unfinished ...>
[pid  5960] <... futex resumed>)        = 0
[pid  5961] <... mkdir resumed>)        = -1 EEXIST (File exists)
[  126.564147][ T5961] loop0: detected capacity change from 0 to 32768
[pid  5960] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5961] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5960] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5960] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5960] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5962 attached
 <unfinished ...>
[pid  5962] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5960] <... clone3 resumed> => {parent_tid=[5962]}, 88) = 5962
[pid  5962] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5960] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5962] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5960] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5962] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5960] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5962] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5960] <... futex resumed>)        = 0
[pid  5960] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5962] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5962] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5960] <... futex resumed>)        = 0
[pid  5962] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5961] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5961] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5961] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5960] exit_group(0 <unfinished ...>
[pid  5962] <... futex resumed>)        = ?
[pid  5961] <... futex resumed>)        = ?
[pid  5962] +++ exited with 0 +++
[pid  5960] <... exit_group resumed>)   = ?
[pid  5961] +++ exited with 0 +++
[pid  5960] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5960, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=17 /* 0.17 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  126.636026][ T5961] syz-executor359: attempt to access beyond end of device
[  126.636026][ T5961] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  126.650394][ T5961] lbmIODone: I/O error in JFS log
[  126.655465][ T5961] *** Log Format Error ! ***
[  126.660819][ T5961] lmLogInit: exit(-22)
[  126.665045][ T5961] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./41/binderfs")                 = 0
umount2("./41/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./41/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./41/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./41")                           = 0
mkdir("./42", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5963 attached
, child_tidptr=0x555561d54690) = 5963
[pid  5963] set_robust_list(0x555561d546a0, 24) = 0
[pid  5963] chdir("./42")               = 0
[pid  5963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5963] setpgid(0, 0)               = 0
[pid  5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5963] write(3, "1000", 4)         = 4
[pid  5963] close(3)                    = 0
[pid  5963] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5963] write(1, "executing program\n", 18) = 18
[pid  5963] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5963] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5963] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5963] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5963] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5963] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5963] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5964 attached
 <unfinished ...>
[pid  5964] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5963] <... clone3 resumed> => {parent_tid=[5964]}, 88) = 5964
[pid  5963] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5964] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5963] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5964] <... set_robust_list resumed>) = 0
[pid  5963] <... futex resumed>)        = 0
[pid  5964] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5963] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5964] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5964] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5964] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5963] <... futex resumed>)        = 0
[pid  5964] <... futex resumed>)        = 1
[pid  5963] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5964] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5963] <... futex resumed>)        = 0
[pid  5964] <... memfd_create resumed>) = 3
[pid  5964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid  5963] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5964] <... mmap resumed>)         = 0x7f4339800000
[pid  5964] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5964] munmap(0x7f4339800000, 138412032) = 0
[pid  5964] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5964] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5964] close(3)                    = 0
[pid  5964] close(4)                    = 0
[pid  5964] mkdir("./file7", 0777)      = 0
[pid  5964] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[  127.379605][ T5964] loop0: detected capacity change from 0 to 32768
[pid  5964] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5964] chdir("./file7")            = 0
[pid  5964] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5964] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5963] <... futex resumed>)        = 0
[pid  5964] <... futex resumed>)        = 1
[pid  5963] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5964] mkdir(".", 0777 <unfinished ...>
[pid  5963] <... futex resumed>)        = 0
[pid  5964] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5963] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5964] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5963] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5963] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5963] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5963] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5965 attached
 <unfinished ...>
[pid  5965] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5963] <... clone3 resumed> => {parent_tid=[5965]}, 88) = 5965
[pid  5965] <... rseq resumed>)         = 0
[pid  5963] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5965] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5963] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5965] <... set_robust_list resumed>) = 0
[pid  5963] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5965] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5963] <... futex resumed>)        = 0
[pid  5965] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5965] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5963] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5965] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5965] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5963] <... futex resumed>)        = 0
[pid  5965] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5964] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5964] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5964] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5963] exit_group(0 <unfinished ...>
[pid  5965] <... futex resumed>)        = ?
[pid  5963] <... exit_group resumed>)   = ?
[pid  5965] +++ exited with 0 +++
[pid  5964] <... futex resumed>)        = ?
[pid  5964] +++ exited with 0 +++
[pid  5963] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=16 /* 0.16 s */} ---
[  127.468809][ T5964] syz-executor359: attempt to access beyond end of device
[  127.468809][ T5964] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  127.482696][ T5964] lbmIODone: I/O error in JFS log
[  127.488114][ T5964] *** Log Format Error ! ***
[  127.493024][ T5964] lmLogInit: exit(-22)
[  127.498179][ T5964] lmLogOpen: exit(-22)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./42/binderfs")                 = 0
umount2("./42/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./42/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./42/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./42")                           = 0
mkdir("./43", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5966 attached
, child_tidptr=0x555561d54690) = 5966
[pid  5966] set_robust_list(0x555561d546a0, 24) = 0
[pid  5966] chdir("./43")               = 0
[pid  5966] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5966] setpgid(0, 0)               = 0
[pid  5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5966] write(3, "1000", 4)         = 4
[pid  5966] close(3)                    = 0
[pid  5966] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5966] write(1, "executing program\n", 18) = 18
[pid  5966] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5966] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5966] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5966] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5966] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5966] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5966] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5967 attached
 <unfinished ...>
[pid  5967] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5966] <... clone3 resumed> => {parent_tid=[5967]}, 88) = 5967
[pid  5967] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5966] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5967] <... set_robust_list resumed>) = 0
[pid  5966] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5967] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5966] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5967] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5966] <... futex resumed>)        = 0
[pid  5967] mkdir(NULL, 000 <unfinished ...>
[pid  5966] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5967] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5967] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5967] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5966] <... futex resumed>)        = 0
[pid  5966] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5967] <... futex resumed>)        = 0
[pid  5966] <... futex resumed>)        = 1
[pid  5967] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5966] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5967] <... memfd_create resumed>) = 3
[pid  5967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5967] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5967] munmap(0x7f4339800000, 138412032) = 0
[pid  5967] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5967] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5967] close(3)                    = 0
[pid  5967] close(4)                    = 0
[pid  5967] mkdir("./file7", 0777)      = 0
[pid  5967] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5967] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5967] chdir("./file7")            = 0
[pid  5967] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5967] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5966] <... futex resumed>)        = 0
[pid  5967] mkdir(".", 0777 <unfinished ...>
[pid  5966] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5967] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5966] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5967] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5966] <... futex resumed>)        = 0
[pid  5966] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5966] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[  128.246474][ T5967] loop0: detected capacity change from 0 to 32768
[pid  5966] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5967] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5966] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5968 attached
 <unfinished ...>
[pid  5968] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5967] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5968] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5967] <... futex resumed>)        = 0
[pid  5966] <... clone3 resumed> => {parent_tid=[5968]}, 88) = 5968
[pid  5968] <... set_robust_list resumed>) = 0
[pid  5967] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5968] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5966] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5968] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5966] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5968] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5966] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5968] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5968] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5966] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5968] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5968] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5966] <... futex resumed>)        = 0
[pid  5968] <... futex resumed>)        = 1
[pid  5966] exit_group(0 <unfinished ...>
[pid  5968] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL) = ?
[pid  5967] <... futex resumed>)        = ?
[pid  5966] <... exit_group resumed>)   = ?
[pid  5968] +++ exited with 0 +++
[pid  5967] +++ exited with 0 +++
[pid  5966] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  128.294451][ T5967] syz-executor359: attempt to access beyond end of device
[  128.294451][ T5967] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  128.308391][ T5967] lbmIODone: I/O error in JFS log
[  128.313509][ T5967] *** Log Format Error ! ***
[  128.318662][ T5967] lmLogInit: exit(-22)
[  128.322820][ T5967] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./43/binderfs")                 = 0
umount2("./43/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./43/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./43/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./43")                           = 0
mkdir("./44", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5969 attached
, child_tidptr=0x555561d54690) = 5969
[pid  5969] set_robust_list(0x555561d546a0, 24) = 0
[pid  5969] chdir("./44")               = 0
[pid  5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5969] setpgid(0, 0)               = 0
[pid  5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5969] write(3, "1000", 4)         = 4
[pid  5969] close(3)                    = 0
[pid  5969] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5969] write(1, "executing program\n", 18executing program
) = 18
[pid  5969] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5969] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5969] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5969] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5969] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5969] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5970 attached
 <unfinished ...>
[pid  5970] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5969] <... clone3 resumed> => {parent_tid=[5970]}, 88) = 5970
[pid  5970] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5969] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5970] <... set_robust_list resumed>) = 0
[pid  5969] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5970] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5969] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5970] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5969] <... futex resumed>)        = 0
[pid  5970] mkdir(NULL, 000 <unfinished ...>
[pid  5969] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5970] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5970] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5970] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5969] <... futex resumed>)        = 0
[pid  5969] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5970] <... futex resumed>)        = 0
[pid  5969] <... futex resumed>)        = 1
[pid  5970] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5969] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5970] <... memfd_create resumed>) = 3
[pid  5970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5970] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5970] munmap(0x7f4339800000, 138412032) = 0
[pid  5970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5970] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5970] close(3)                    = 0
[pid  5970] close(4)                    = 0
[pid  5970] mkdir("./file7", 0777)      = 0
[pid  5970] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5970] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[  129.061379][ T5970] loop0: detected capacity change from 0 to 32768
[pid  5970] chdir("./file7")            = 0
[pid  5970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5970] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5970] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5969] <... futex resumed>)        = 0
[pid  5969] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5970] <... futex resumed>)        = 0
[pid  5969] <... futex resumed>)        = 1
[pid  5970] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5969] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5970] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5969] <... futex resumed>)        = 0
[pid  5969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5969] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5969] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5969] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5971 attached
 <unfinished ...>
[pid  5971] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5971] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5971] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5969] <... clone3 resumed> => {parent_tid=[5971]}, 88) = 5971
[pid  5971] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5969] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5971] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5969] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5969] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5971] <... futex resumed>)        = 0
[pid  5969] <... futex resumed>)        = 1
[pid  5971] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5969] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5971] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5971] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5969] <... futex resumed>)        = 0
[pid  5971] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5970] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5970] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5970] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5969] exit_group(0 <unfinished ...>
[pid  5970] <... futex resumed>)        = ?
[pid  5969] <... exit_group resumed>)   = ?
[pid  5971] <... futex resumed>)        = ?
[pid  5970] +++ exited with 0 +++
[pid  5971] +++ exited with 0 +++
[pid  5969] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5969, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=19 /* 0.19 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  129.132402][ T5970] syz-executor359: attempt to access beyond end of device
[  129.132402][ T5970] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  129.147745][ T5970] lbmIODone: I/O error in JFS log
[  129.153287][ T5970] *** Log Format Error ! ***
[  129.158506][ T5970] lmLogInit: exit(-22)
[  129.162637][ T5970] lmLogOpen: exit(-22)
umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./44/binderfs")                 = 0
umount2("./44/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./44/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./44/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./44")                           = 0
mkdir("./45", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5972 attached
, child_tidptr=0x555561d54690) = 5972
[pid  5972] set_robust_list(0x555561d546a0, 24) = 0
[pid  5972] chdir("./45")               = 0
[pid  5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5972] setpgid(0, 0)               = 0
[pid  5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5972] write(3, "1000", 4)         = 4
[pid  5972] close(3)                    = 0
[pid  5972] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5972] write(1, "executing program\n", 18executing program
) = 18
[pid  5972] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5972] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5972] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5972] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5972] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5972] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5973 attached
 => {parent_tid=[5973]}, 88) = 5973
[pid  5973] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5972] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5973] <... rseq resumed>)         = 0
[pid  5972] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5973] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5972] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5973] <... set_robust_list resumed>) = 0
[pid  5972] <... futex resumed>)        = 0
[pid  5973] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5973] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5973] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5972] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5973] <... futex resumed>)        = 0
[pid  5972] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5973] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5972] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5972] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5973] <... memfd_create resumed>) = 3
[pid  5973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5973] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5973] munmap(0x7f4339800000, 138412032) = 0
[pid  5973] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5973] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5973] close(3)                    = 0
[pid  5973] close(4)                    = 0
[pid  5973] mkdir("./file7", 0777)      = 0
[pid  5973] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5973] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5973] chdir("./file7")            = 0
[pid  5973] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5973] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5972] <... futex resumed>)        = 0
[pid  5973] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5972] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5973] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5973] mkdir(".", 0777)            = -1 EEXIST (File exists)
[pid  5972] <... futex resumed>)        = 0
[pid  5972] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5973] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[  129.901371][ T5973] loop0: detected capacity change from 0 to 32768
[pid  5972] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5972] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5972] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0} => {parent_tid=[5974]}, 88) = 5974
[pid  5972] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
./strace-static-x86_64: Process 5974 attached
[pid  5972] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5972] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5974] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5974] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5974] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5974] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5973] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5974] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5973] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5974] <... futex resumed>)        = 1
[pid  5972] <... futex resumed>)        = 0
[pid  5973] <... futex resumed>)        = 0
[pid  5974] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5973] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5972] exit_group(0 <unfinished ...>
[pid  5974] <... futex resumed>)        = ?
[pid  5973] <... futex resumed>)        = ?
[pid  5972] <... exit_group resumed>)   = ?
[pid  5973] +++ exited with 0 +++
[pid  5974] +++ exited with 0 +++
[pid  5972] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=19 /* 0.19 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  129.948401][ T5973] syz-executor359: attempt to access beyond end of device
[  129.948401][ T5973] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  129.963062][ T5973] lbmIODone: I/O error in JFS log
[  129.969483][ T5973] *** Log Format Error ! ***
[  129.974486][ T5973] lmLogInit: exit(-22)
[  129.978729][ T5973] lmLogOpen: exit(-22)
newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./45/binderfs")                 = 0
umount2("./45/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./45/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./45/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./45")                           = 0
mkdir("./46", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5975 attached
, child_tidptr=0x555561d54690) = 5975
[pid  5975] set_robust_list(0x555561d546a0, 24) = 0
[pid  5975] chdir("./46")               = 0
[pid  5975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5975] setpgid(0, 0)               = 0
[pid  5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5975] write(3, "1000", 4)         = 4
[pid  5975] close(3)                    = 0
[pid  5975] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5975] write(1, "executing program\n", 18) = 18
[pid  5975] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5975] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5975] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5975] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5975] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5975] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5976 attached
 => {parent_tid=[5976]}, 88) = 5976
[pid  5975] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5976] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5975] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5976] <... rseq resumed>)         = 0
[pid  5975] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5976] set_robust_list(0x7f4341d9f9a0, 24) = 0
[pid  5975] <... futex resumed>)        = 0
[pid  5976] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5975] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5976] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5976] mkdir(NULL, 000)            = -1 EFAULT (Bad address)
[pid  5976] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5975] <... futex resumed>)        = 0
[pid  5976] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5975] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5975] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5976] <... memfd_create resumed>) = 3
[pid  5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5976] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5976] munmap(0x7f4339800000, 138412032) = 0
[pid  5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5976] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5976] close(3)                    = 0
[pid  5976] close(4)                    = 0
[pid  5976] mkdir("./file7", 0777)      = 0
[pid  5976] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5976] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5976] chdir("./file7")            = 0
[pid  5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5976] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5976] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5975] <... futex resumed>)        = 0
[pid  5975] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5976] <... futex resumed>)        = 0
[pid  5975] <... futex resumed>)        = 1
[pid  5976] mkdir(".", 0777 <unfinished ...>
[pid  5975] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5976] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5975] <... futex resumed>)        = 0
[pid  5976] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5975] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5975] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[  130.721623][ T5976] loop0: detected capacity change from 0 to 32768
[pid  5975] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5977 attached
 => {parent_tid=[5977]}, 88) = 5977
[pid  5975] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5975] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5975] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5977] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5977] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5977] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5977] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000) = -1 EROFS (Read-only file system)
[pid  5977] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5977] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5975] <... futex resumed>)        = 0
[pid  5976] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5976] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5976] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5975] exit_group(0 <unfinished ...>
[pid  5977] <... futex resumed>)        = ?
[pid  5976] <... futex resumed>)        = ?
[pid  5975] <... exit_group resumed>)   = ?
[pid  5976] +++ exited with 0 +++
[pid  5977] +++ exited with 0 +++
[pid  5975] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5975, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=18 /* 0.18 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  130.770052][ T5976] syz-executor359: attempt to access beyond end of device
[  130.770052][ T5976] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  130.785038][ T5976] lbmIODone: I/O error in JFS log
[  130.790764][ T5976] *** Log Format Error ! ***
[  130.796615][ T5976] lmLogInit: exit(-22)
[  130.800926][ T5976] lmLogOpen: exit(-22)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./46/binderfs")                 = 0
umount2("./46/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./46/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./46/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./46")                           = 0
mkdir("./47", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5978 attached
, child_tidptr=0x555561d54690) = 5978
[pid  5978] set_robust_list(0x555561d546a0, 24) = 0
[pid  5978] chdir("./47")               = 0
[pid  5978] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5978] setpgid(0, 0)               = 0
[pid  5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5978] write(3, "1000", 4)         = 4
[pid  5978] close(3)                    = 0
[pid  5978] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5978] write(1, "executing program\n", 18executing program
) = 18
[pid  5978] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5978] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5978] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5978] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5978] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5979 attached
 <unfinished ...>
[pid  5979] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5979] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5978] <... clone3 resumed> => {parent_tid=[5979]}, 88) = 5979
[pid  5979] <... set_robust_list resumed>) = 0
[pid  5978] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5979] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5978] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5979] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5978] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5979] mkdir(NULL, 000 <unfinished ...>
[pid  5978] <... futex resumed>)        = 0
[pid  5979] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5978] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5979] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5978] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5979] <... futex resumed>)        = 0
[pid  5978] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5978] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5979] memfd_create("syzkaller", 0) = 3
[pid  5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4339800000
[pid  5979] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5979] munmap(0x7f4339800000, 138412032) = 0
[pid  5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5979] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5979] close(3)                    = 0
[pid  5979] close(4)                    = 0
[pid  5979] mkdir("./file7", 0777)      = 0
[pid  5979] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5979] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5979] chdir("./file7")            = 0
[pid  5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5979] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5978] <... futex resumed>)        = 0
[pid  5979] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5978] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5978] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5979] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5979] mkdir(".", 0777 <unfinished ...>
[pid  5978] <... futex resumed>)        = 0
[pid  5979] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5979] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5978] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[  131.373714][ T5979] loop0: detected capacity change from 0 to 32768
[pid  5978] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5980 attached
 <unfinished ...>
[pid  5980] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5979] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5980] set_robust_list(0x7f4341d7e9a0, 24 <unfinished ...>
[pid  5978] <... clone3 resumed> => {parent_tid=[5980]}, 88) = 5980
[pid  5980] <... set_robust_list resumed>) = 0
[pid  5978] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5980] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5978] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5980] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5978] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5980] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[pid  5978] <... futex resumed>)        = 0
[pid  5978] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5979] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5980] <... openat resumed>)       = -1 EROFS (Read-only file system)
[pid  5979] <... futex resumed>)        = 0
[pid  5980] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5979] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5980] <... futex resumed>)        = 1
[pid  5978] <... futex resumed>)        = 0
[pid  5980] futex(0x7f4341e786b8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5978] exit_group(0 <unfinished ...>
[pid  5980] <... futex resumed>)        = ?
[pid  5979] <... futex resumed>)        = ?
[pid  5980] +++ exited with 0 +++
[pid  5979] +++ exited with 0 +++
[pid  5978] <... exit_group resumed>)   = ?
[pid  5978] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5978, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=20 /* 0.20 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  131.428568][ T5979] syz-executor359: attempt to access beyond end of device
[  131.428568][ T5979] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  131.442686][ T5979] lbmIODone: I/O error in JFS log
[  131.448131][ T5979] *** Log Format Error ! ***
[  131.453587][ T5979] lmLogInit: exit(-22)
[  131.457996][ T5979] lmLogOpen: exit(-22)
umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x555561d55730 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./47/binderfs")                 = 0
umount2("./47/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./47/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/file7", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./47/file7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x555561d5d770 /* 2 entries */, 32768) = 48
getdents64(4, 0x555561d5d770 /* 0 entries */, 32768) = 0
close(4)                                = 0
rmdir("./47/file7")                     = 0
getdents64(3, 0x555561d55730 /* 0 entries */, 32768) = 0
close(3)                                = 0
rmdir("./47")                           = 0
mkdir("./48", 0777)                     = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 3
ioctl(3, LOOP_CLR_FD)                   = 0
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5981 attached
, child_tidptr=0x555561d54690) = 5981
[pid  5981] set_robust_list(0x555561d546a0, 24) = 0
[pid  5981] chdir("./48")               = 0
[pid  5981] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5981] setpgid(0, 0)               = 0
[pid  5981] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5981] write(3, "1000", 4)         = 4
[pid  5981] close(3)                    = 0
[pid  5981] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5981] write(1, "executing program\n", 18executing program
) = 18
[pid  5981] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5981] rt_sigaction(SIGRT_1, {sa_handler=0x7f4341e11070, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f4341e02220}, NULL, 8) = 0
[pid  5981] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5981] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d7f000
[pid  5981] mprotect(0x7f4341d80000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5981] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5981] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d9f990, parent_tid=0x7f4341d9f990, exit_signal=0, stack=0x7f4341d7f000, stack_size=0x20300, tls=0x7f4341d9f6c0}./strace-static-x86_64: Process 5982 attached
 <unfinished ...>
[pid  5982] rseq(0x7f4341d9ffe0, 0x20, 0, 0x53053053) = 0
[pid  5981] <... clone3 resumed> => {parent_tid=[5982]}, 88) = 5982
[pid  5982] set_robust_list(0x7f4341d9f9a0, 24 <unfinished ...>
[pid  5981] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5982] <... set_robust_list resumed>) = 0
[pid  5981] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5982] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5981] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5982] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5981] <... futex resumed>)        = 0
[pid  5982] mkdir(NULL, 000 <unfinished ...>
[pid  5981] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5982] <... mkdir resumed>)        = -1 EFAULT (Bad address)
[pid  5982] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5981] <... futex resumed>)        = 0
[pid  5982] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5981] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5982] <... memfd_create resumed>) = 3
[pid  5981] <... futex resumed>)        = 0
[pid  5982] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
[pid  5981] futex(0x7f4341e786ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5982] <... mmap resumed>)         = 0x7f4339800000
[pid  5982] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid  5982] munmap(0x7f4339800000, 138412032) = 0
[pid  5982] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5982] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5982] close(3)                    = 0
[pid  5982] close(4)                    = 0
[pid  5982] mkdir("./file7", 0777)      = 0
[pid  5982] mount("/dev/loop0", "./file7", "jfs", MS_RDONLY|MS_NOSUID|MS_SYNCHRONOUS|MS_NOATIME|MS_NODIRATIME|MS_REC|MS_SILENT|MS_POSIXACL|MS_STRICTATIME, "") = 0
[pid  5982] openat(AT_FDCWD, "./file7", O_RDONLY|O_DIRECTORY) = 3
[pid  5982] chdir("./file7")            = 0
[pid  5982] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5982] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5982] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5981] <... futex resumed>)        = 0
[pid  5981] futex(0x7f4341e786a8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5982] <... futex resumed>)        = 0
[pid  5981] <... futex resumed>)        = 1
[pid  5982] mkdir(".", 0777 <unfinished ...>
[pid  5981] futex(0x7f4341e786bc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5982] <... mkdir resumed>)        = -1 EEXIST (File exists)
[pid  5981] <... futex resumed>)        = 0
[  132.249399][ T5982] loop0: detected capacity change from 0 to 32768
[pid  5982] mount(NULL, ".", 0x200000000f40, MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|MS_NOATIME|MS_MOVE|MS_SILENT|MS_PRIVATE|MS_RELATIME|MS_I_VERSION|MS_STRICTATIME, "" <unfinished ...>
[pid  5981] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4341d5e000
[pid  5981] mprotect(0x7f4341d5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5981] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5981] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f4341d7e990, parent_tid=0x7f4341d7e990, exit_signal=0, stack=0x7f4341d5e000, stack_size=0x20300, tls=0x7f4341d7e6c0}./strace-static-x86_64: Process 5983 attached
 => {parent_tid=[5983]}, 88) = 5983
[pid  5983] rseq(0x7f4341d7efe0, 0x20, 0, 0x53053053) = 0
[pid  5981] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5983] set_robust_list(0x7f4341d7e9a0, 24) = 0
[pid  5981] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5983] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5981] futex(0x7f4341e786b8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5983] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5981] <... futex resumed>)        = 0
[pid  5983] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_SYNC|O_DIRECT, 000 <unfinished ...>
[  132.321803][ T5983] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN PTI
[  132.322336][ T5982] syz-executor359: attempt to access beyond end of device
[  132.322336][ T5982] loop14: rw=0, sector=8, nr_sectors = 8 limit=0
[  132.333736][ T5983] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[  132.333776][ T5983] CPU: 1 UID: 0 PID: 5983 Comm: syz-executor359 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) 
[  132.333801][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  132.333823][ T5983] RIP: 0010:diRead+0x442/0xbd0
[  132.347242][ T5982] lbmIODone: I/O error in JFS log
[  132.355605][ T5983] Code: 08 00 4c 8b 64 24 18 74 08 48 89 ef e8 87 c4 d0 fe 48 8b 5d 00 48 83 c3 34 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 8a 05 00 00 8b 1b bf 40 00 00 00 89 de e8
[  132.372152][ T5982] *** Log Format Error ! ***
[pid  5981] futex(0x7f4341e786bc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5982] <... mount resumed>)        = -1 EINVAL (Invalid argument)
[pid  5982] futex(0x7f4341e786ac, FUTEX_WAKE_PRIVATE, 1000000) = 0
[  132.382829][ T5983] RSP: 0018:ffffc9000436f658 EFLAGS: 00010207
[  132.382862][ T5983] RAX: 0000000000000006 RBX: 0000000000000034 RCX: dffffc0000000000
[  132.382876][ T5983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000020
[  132.382889][ T5983] RBP: ffff8881443836a0 R08: ffffffff835a1616 R09: 1ffff1100e5d05dc
[  132.382903][ T5983] R10: dffffc0000000000 R11: ffffed100e5d05dd R12: 0000000000000000
[  132.382916][ T5983] R13: 000000000000001c R14: 0000000000000000 R15: ffff888072e83248
[  132.388951][ T5982] lmLogInit: exit(-22)
[  132.393038][ T5983] FS:  00007f4341d7e6c0(0000) GS:ffff8881250c9000(0000) knlGS:0000000000000000
[  132.415967][ T5982] lmLogOpen: exit(-22)
[  132.421042][ T5983] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.421062][ T5983] CR2: 00007f4341d7ed58 CR3: 0000000029654000 CR4: 00000000003526f0
[  132.421081][ T5983] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  132.508926][ T5983] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  132.516990][ T5983] Call Trace:
[  132.520287][ T5983]  <TASK>
[  132.523243][ T5983]  jfs_iget+0x86/0x3e0
[  132.527343][ T5983]  jfs_lookup+0x239/0x440
[  132.531702][ T5983]  ? __pfx_jfs_lookup+0x10/0x10
[  132.536564][ T5983]  ? d_alloc_parallel+0x1503/0x1660
[  132.541796][ T5983]  ? __d_lookup+0x64/0x7b0
[  132.546255][ T5983]  ? __pfx_d_alloc_parallel+0x10/0x10
[  132.551680][ T5983]  ? __d_lookup+0x706/0x7b0
[  132.556236][ T5983]  ? mode_strip_sgid+0xa1/0x1a0
[  132.561111][ T5983]  ? __pfx_jfs_lookup+0x10/0x10
[  132.565980][ T5983]  path_openat+0x11c3/0x35d0
[  132.570852][ T5983]  ? __pfx_path_openat+0x10/0x10
[  132.575818][ T5983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.582384][ T5983]  do_filp_open+0x284/0x4e0
[  132.587007][ T5983]  ? __pfx_do_filp_open+0x10/0x10
[  132.592683][ T5983]  ? do_raw_spin_lock+0x151/0x370
[  132.597831][ T5983]  do_sys_openat2+0x12b/0x1d0
[  132.602706][ T5983]  ? __pfx_do_sys_openat2+0x10/0x10
[  132.608181][ T5983]  ? lockdep_hardirqs_on+0x9d/0x150
[  132.613849][ T5983]  ? _raw_spin_unlock_irq+0x2e/0x50
[  132.619150][ T5983]  ? ptrace_notify+0x282/0x390
[  132.623943][ T5983]  __x64_sys_openat+0x249/0x2a0
[  132.628903][ T5983]  ? __pfx___x64_sys_openat+0x10/0x10
[  132.634641][ T5983]  do_syscall_64+0xf3/0x230
[  132.639513][ T5983]  ? clear_bhb_loop+0x45/0xa0
[  132.644218][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.650820][ T5983] RIP: 0033:0x7f4341deac59
[  132.655642][ T5983] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  132.676210][ T5983] RSP: 002b:00007f4341d7e218 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  132.684782][ T5983] RAX: ffffffffffffffda RBX: 00007f4341e786b8 RCX: 00007f4341deac59
[  132.692865][ T5983] RDX: 0000000000105042 RSI: 00002000000003c0 RDI: 00000000ffffff9c
[  132.700879][ T5983] RBP: 00007f4341e786b0 R08: 00007ffd034d6cf7 R09: 0000000000000000
[  132.709031][ T5983] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffb0
[pid  5982] futex(0x7f4341e786a8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5981] <... futex resumed>)        = -1 ETIMEDOUT (Connection timed out)
[  132.717037][ T5983] R13: 0000200000000000 R14: 00007ffd034d6c10 R15: 0000200000000f40
[  132.725199][ T5983]  </TASK>
[  132.728239][ T5983] Modules linked in:
[  132.732373][ T5983] ---[ end trace 0000000000000000 ]---
[  132.738267][ T5983] RIP: 0010:diRead+0x442/0xbd0
[  132.743330][ T5983] Code: 08 00 4c 8b 64 24 18 74 08 48 89 ef e8 87 c4 d0 fe 48 8b 5d 00 48 83 c3 34 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 8a 05 00 00 8b 1b bf 40 00 00 00 89 de e8
[  132.763902][ T5983] RSP: 0018:ffffc9000436f658 EFLAGS: 00010207
[  132.770301][ T5983] RAX: 0000000000000006 RBX: 0000000000000034 RCX: dffffc0000000000
[  132.778383][ T5983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000020
[  132.786440][ T5983] RBP: ffff8881443836a0 R08: ffffffff835a1616 R09: 1ffff1100e5d05dc
[  132.794463][ T5983] R10: dffffc0000000000 R11: ffffed100e5d05dd R12: 0000000000000000
[  132.802692][ T5983] R13: 000000000000001c R14: 0000000000000000 R15: ffff888072e83248
[  132.811448][ T5983] FS:  00007f4341d7e6c0(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000
[  132.820530][ T5983] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.827538][ T5983] CR2: 00007f4339a0b000 CR3: 0000000029654000 CR4: 00000000003526f0
[  132.835905][ T5983] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  132.843945][ T5983] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  132.852009][ T5983] Kernel panic - not syncing: Fatal exception
[  132.858377][ T5983] Kernel Offset: disabled
[  132.862704][ T5983] Rebooting in 86400 seconds..