./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor248181334

<...>
[   97.177506][   T46] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts.
execve("./syz-executor248181334", ["./syz-executor248181334"], 0x7ffe98148370 /* 10 vars */) = 0
brk(NULL)                               = 0x55558393c000
brk(0x55558393ce00)                     = 0x55558393ce00
arch_prctl(ARCH_SET_FS, 0x55558393c480) = 0
set_tid_address(0x55558393c750)         = 5832
set_robust_list(0x55558393c760, 24)     = 0
rseq(0x55558393cda0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor248181334", 4096) = 27
getrandom("\x60\x1a\x36\xf0\x82\xc1\xf4\xb7", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55558393ce00
brk(0x55558395de00)                     = 0x55558395de00
brk(0x55558395e000)                     = 0x55558395e000
mprotect(0x7f12a88aa000, 16384, PROT_READ) = 0
mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000
mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000
mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000
mkdir("/syzcgroup", 0777)               = 0
mkdir("/syzcgroup/unified", 0777)       = 0
mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0
chmod("/syzcgroup/unified", 0777)       = 0
openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3
write(3, "+cpu", 4)                     = 4
write(3, "+io", 3)                      = 3
write(3, "+pids", 5)                    = 5
close(3)                                = 0
mkdir("/syzcgroup/net", 0777)           = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = 0
umount2("/syzcgroup/net", 0)            = 0
[   98.210344][ T5832] cgroup: Unknown subsys name 'net'
mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0
umount2("/syzcgroup/net", 0)            = 0
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio,devices,blkio,freezer") = 0
chmod("/syzcgroup/net", 0777)           = 0
mkdir("/syzcgroup/cpu", 0777)           = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = 0
umount2("/syzcgroup/cpu", 0)            = 0
[   98.445646][ T5832] cgroup: Unknown subsys name 'cpuset'
mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0
umount2("/syzcgroup/cpu", 0)            = 0
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
[   98.500262][ T5832] cgroup: Unknown subsys name 'rlimit'
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = ? ERESTARTNOINTR (To be restarted)
mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct,hugetlb,memory") = 0
chmod("/syzcgroup/cpu", 0777)           = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3
write(3, "1", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
mount(NULL, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, NULL) = -1 EBUSY (Device or resource busy)
openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3
write(3, "\x3a\x73\x79\x7a\x30\x3a\x4d\x3a\x30\x3a\x01\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a", 21) = 21
close(3)                                = 0
openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3
write(3, "\x3a\x73\x79\x7a\x31\x3a\x4d\x3a\x31\x3a\x02\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a\x50\x4f\x43", 24) = 24
close(3)                                = 0
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f12a87ea3e0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f12a87ea3e0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
mkdir("./syzkaller.7SdCrR", 0700)       = 0
chmod("./syzkaller.7SdCrR", 0777)       = 0
chdir("./syzkaller.7SdCrR")             = 0
unshare(CLONE_NEWPID)                   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558393c750) = 5833
./strace-static-x86_64: Process 5833 attached
[pid  5833] set_robust_list(0x55558393c760, 24) = 0
[pid  5833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5833] getppid()                   = 0
[pid  5833] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0
[pid  5833] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0
[pid  5833] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0
[pid  5833] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0
[pid  5833] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0
[pid  5833] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0
[pid  5833] unshare(CLONE_NEWNS)        = 0
[pid  5833] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] unshare(CLONE_NEWIPC)       = 0
[pid  5833] unshare(CLONE_NEWCGROUP)    = 0
[pid  5833] unshare(CLONE_NEWUTS)       = 0
[pid  5833] unshare(CLONE_SYSVSEM)      = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "16777216", 8)     = 8
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "536870912", 9)    = 9
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1024", 4)         = 4
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "8192", 4)         = 4
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1024", 4)         = 4
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1024", 4)         = 4
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1024 1048576 500 1024", 21) = 21
[pid  5833] close(3)                    = 0
[pid  5833] getpid()                    = 1
[pid  5833] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PTRACE|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_NICE|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5833] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, permitted=1<<CAP_CHOWN|1<<CAP_DAC_OVERRIDE|1<<CAP_DAC_READ_SEARCH|1<<CAP_FOWNER|1<<CAP_FSETID|1<<CAP_KILL|1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP|1<<CAP_LINUX_IMMUTABLE|1<<CAP_NET_BIND_SERVICE|1<<CAP_NET_BROADCAST|1<<CAP_NET_ADMIN|1<<CAP_NET_RAW|1<<CAP_IPC_LOCK|1<<CAP_IPC_OWNER|1<<CAP_SYS_MODULE|1<<CAP_SYS_RAWIO|1<<CAP_SYS_CHROOT|1<<CAP_SYS_PACCT|1<<CAP_SYS_ADMIN|1<<CAP_SYS_BOOT|1<<CAP_SYS_RESOURCE|1<<CAP_SYS_TIME|1<<CAP_SYS_TTY_CONFIG|1<<CAP_MKNOD|1<<CAP_LEASE|1<<CAP_AUDIT_WRITE|1<<CAP_AUDIT_CONTROL|1<<CAP_SETFCAP|1<<CAP_MAC_OVERRIDE|1<<CAP_MAC_ADMIN|1<<CAP_SYSLOG|1<<CAP_WAKE_ALARM|1<<CAP_BLOCK_SUSPEND|1<<CAP_AUDIT_READ|1<<CAP_PERFMON|1<<CAP_BPF|1<<CAP_CHECKPOINT_RESTORE, inheritable=0}) = 0
[pid  5833] unshare(CLONE_NEWNET)       = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "0 65535", 7)      = 7
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "100000", 6)       = 6
[pid  5833] close(3)                    = 0
[pid  5833] mkdir("./syz-tmp", 0777)    = 0
[pid  5833] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0
[pid  5833] mkdir("./syz-tmp/newroot", 0777) = 0
[pid  5833] mkdir("./syz-tmp/newroot/dev", 0700) = 0
[pid  5833] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mkdir("./syz-tmp/newroot/proc", 0700) = 0
[pid  5833] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0
[pid  5833] mkdir("./syz-tmp/newroot/selinux", 0700) = 0
[pid  5833] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5833] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5833] mkdir("./syz-tmp/newroot/sys", 0700) = 0
[pid  5833] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5833] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0
[pid  5833] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory)
[pid  5833] mkdir("./syz-tmp/newroot/syzcgroup", 0700) = 0
[pid  5833] mkdir("./syz-tmp/newroot/syzcgroup/unified", 0700) = 0
[pid  5833] mkdir("./syz-tmp/newroot/syzcgroup/cpu", 0700) = 0
[pid  5833] mkdir("./syz-tmp/newroot/syzcgroup/net", 0700) = 0
[pid  5833] mount("/syzcgroup/unified", "./syz-tmp/newroot/syzcgroup/unified", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mount("/syzcgroup/cpu", "./syz-tmp/newroot/syzcgroup/cpu", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mount("/syzcgroup/net", "./syz-tmp/newroot/syzcgroup/net", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0
[pid  5833] mkdir("./syz-tmp/pivot", 0777) = 0
[pid  5833] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0
[pid  5833] chdir("/")                  = 0
[pid  5833] umount2("./pivot", MNT_DETACH) = 0
[pid  5833] chroot("./newroot")         = 0
[pid  5833] chdir("/")                  = 0
[pid  5833] mkdir("/dev/gadgetfs", 0777) = 0
[pid  5833] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = 0
[pid  5833] mkdir("/dev/binderfs", 0777) = 0
[pid  5833] mount("binder", "/dev/binderfs", "binder", 0, NULL) = -1 ENODEV (No such device)
[pid  5833] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy)
[pid  5833] getpid()                    = 1
[pid  5833] mkdir("/syzcgroup/unified/syz0", 0777) = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/unified/syz0/pids.max", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "32", 2)           = 2
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/unified/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1", 1)            = 1
[pid  5833] close(3)                    = 0
[pid  5833] mkdir("/syzcgroup/cpu/syz0", 0777) = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1", 1)            = 1
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.soft_limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "313524224", 9)    = 9
[pid  5833] close(3)                    = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/cpu/syz0/memory.limit_in_bytes", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "314572800", 9)    = 9
[pid  5833] close(3)                    = 0
[pid  5833] mkdir("/syzcgroup/net/syz0", 0777) = 0
[pid  5833] openat(AT_FDCWD, "/syzcgroup/net/syz0/cgroup.procs", O_WRONLY|O_CLOEXEC) = 3
[pid  5833] write(3, "1", 1)            = 1
[pid  5833] close(3)                    = 0
[pid  5833] mkdir("./0", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = -1 ENXIO (No such device or address)
[   99.993827][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5836 attached
, child_tidptr=0x55558393c750) = 2
[pid  5836] set_robust_list(0x55558393c760, 24) = 0
[pid  5836] chdir("./0")                = 0
[pid  5836] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5836] setpgid(0, 0)               = 0
[pid  5836] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5836] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5836] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5836] write(3, "1000", 4)         = 4
[pid  5836] close(3)                    = 0
[pid  5836] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5836] write(1, "executing program\n", 18) = 18
[pid  5836] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5836] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5836] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5836] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5836] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5836] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5836] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5837 attached
 <unfinished ...>
[pid  5837] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053) = 0
[pid  5837] set_robust_list(0x7f12a87d99a0, 24) = 0
[pid  5837] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5837] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5836] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3
[pid  5836] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5836] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5837] <... futex resumed>)        = 0
[pid  5836] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5837] memfd_create("syzkaller", 0) = 3
[pid  5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5837] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5837] munmap(0x7f12a0200000, 138412032) = 0
[pid  5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5837] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5837] close(3)                    = 0
[pid  5837] close(4)                    = 0
[pid  5837] mkdir("./file1", 0777)      = 0
[  100.447105][ T5837] loop0: detected capacity change from 0 to 32768
[  100.500402][ T5837] JBD2: Ignoring recovery information on journal
[pid  5837] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5837] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5837] chdir("./file1")            = 0
[pid  5837] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5837] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5836] <... futex resumed>)        = 0
[pid  5837] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5836] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5837] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5836] <... futex resumed>)        = 0
[pid  5837] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5836] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5837] <... openat resumed>)       = 4
[pid  5837] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5836] <... futex resumed>)        = 0
[pid  5837] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5836] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5837] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5837] sendmmsg(4,  <unfinished ...>
[pid  5836] <... futex resumed>)        = 0
[pid  5837] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5837] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5836] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5837] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5836] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5836] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5837] <... futex resumed>)        = 0
[pid  5836] <... futex resumed>)        = 1
[pid  5837] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5836] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5837] <... fsetxattr resumed>)    = 0
[pid  5837] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5836] <... futex resumed>)        = 0
[pid  5837] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5836] close(3)                    = 0
[pid  5836] close(4)                    = 0
[  100.541779][ T5837] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5836] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5836] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5836] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5836] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5836] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5836] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5836] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5836] exit_group(0)               = ?
[pid  5837] <... futex resumed>)        = ?
[pid  5837] +++ exited with 0 +++
[pid  5836] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=32 /* 0.32 s */} ---
[pid  5833] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./0/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[  100.706666][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./0/file1")          = 0
[pid  5833] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./0/binderfs")      = 0
[pid  5833] umount2("./0/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./0/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./0/cgroup.net")    = 0
[pid  5833] umount2("./0/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./0/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./0/cgroup.cpu")    = 0
[pid  5833] umount2("./0/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./0/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./0/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./0")                = 0
[pid  5833] mkdir("./1", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558393c750) = 4
./strace-static-x86_64: Process 5840 attached
[pid  5840] set_robust_list(0x55558393c760, 24) = 0
[pid  5840] chdir("./1")                = 0
[pid  5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5840] setpgid(0, 0)               = 0
[pid  5840] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5840] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5840] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5840] write(3, "1000", 4)         = 4
[pid  5840] close(3)                    = 0
[pid  5840] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5840] write(1, "executing program\n", 18) = 18
[pid  5840] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5840] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5840] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5841 attached
 => {parent_tid=[5]}, 88) = 5
[pid  5841] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5840] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5841] <... rseq resumed>)         = 0
[pid  5840] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5841] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5840] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... set_robust_list resumed>) = 0
[pid  5841] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5841] memfd_create("syzkaller", 0) = 3
[pid  5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5841] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5841] munmap(0x7f12a0200000, 138412032) = 0
[pid  5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5841] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5841] close(3)                    = 0
[pid  5841] close(4)                    = 0
[pid  5841] mkdir("./file1", 0777)      = 0
[  101.480234][ T5841] loop0: detected capacity change from 0 to 32768
[  101.534209][ T5841] JBD2: Ignoring recovery information on journal
[pid  5841] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5841] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5841] chdir("./file1")            = 0
[pid  5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5841] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[pid  5841] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5840] <... futex resumed>)        = 0
[pid  5841] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5840] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... openat resumed>)       = 4
[pid  5841] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[pid  5841] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5840] <... futex resumed>)        = 0
[pid  5841] sendmmsg(4,  <unfinished ...>
[pid  5840] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5841] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[pid  5841] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5841] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5840] <... futex resumed>)        = 0
[pid  5841] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5840] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5841] <... fsetxattr resumed>)    = 0
[pid  5841] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5840] <... futex resumed>)        = 0
[pid  5841] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5840] close(3)                    = 0
[pid  5840] close(4)                    = 0
[pid  5840] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5840] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5840] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5840] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5840] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5840] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5840] close(29)                   = -1 EBADF (Bad file descriptor)
[  101.574941][ T5841] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5840] exit_group(0)               = ?
[pid  5841] <... futex resumed>)        = ?
[pid  5841] +++ exited with 0 +++
[pid  5840] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[  101.650938][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./1/file1")          = 0
[pid  5833] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./1/binderfs")      = 0
[pid  5833] umount2("./1/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./1/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./1/cgroup.net")    = 0
[pid  5833] umount2("./1/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./1/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./1/cgroup.cpu")    = 0
[pid  5833] umount2("./1/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./1/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./1/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./1")                = 0
[pid  5833] mkdir("./2", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5844 attached
, child_tidptr=0x55558393c750) = 6
[pid  5844] set_robust_list(0x55558393c760, 24) = 0
[pid  5844] chdir("./2")                = 0
[pid  5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5844] setpgid(0, 0)               = 0
[pid  5844] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5844] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5844] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5844] write(3, "1000", 4)         = 4
[pid  5844] close(3)                    = 0
[pid  5844] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5844] write(1, "executing program\n", 18executing program
) = 18
[pid  5844] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5844] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5844] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5844] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5844] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5845 attached
 <unfinished ...>
[pid  5845] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5844] <... clone3 resumed> => {parent_tid=[7]}, 88) = 7
[pid  5845] <... rseq resumed>)         = 0
[pid  5845] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5844] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5845] <... set_robust_list resumed>) = 0
[pid  5845] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5844] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5845] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5845] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5844] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5845] <... memfd_create resumed>) = 3
[pid  5844] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5845] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5845] munmap(0x7f12a0200000, 138412032) = 0
[pid  5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5845] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5845] close(3)                    = 0
[pid  5845] close(4)                    = 0
[pid  5845] mkdir("./file1", 0777)      = 0
[  102.361372][ T5845] loop0: detected capacity change from 0 to 32768
[  102.398602][ T5845] JBD2: Ignoring recovery information on journal
[pid  5845] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5845] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5845] chdir("./file1")            = 0
[pid  5845] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5845] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5845] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5844] <... futex resumed>)        = 0
[pid  5844] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5845] <... futex resumed>)        = 0
[pid  5844] <... futex resumed>)        = 1
[pid  5844] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5845] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid  5845] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5844] <... futex resumed>)        = 0
[pid  5844] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5844] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5845] sendmmsg(4, [], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5845] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5845] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5844] <... futex resumed>)        = 0
[pid  5844] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5845] <... futex resumed>)        = 0
[pid  5845] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5844] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5845] <... fsetxattr resumed>)    = 0
[pid  5845] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5845] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5844] <... futex resumed>)        = 0
[pid  5844] close(3)                    = 0
[pid  5844] close(4)                    = 0
[pid  5844] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5844] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5844] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5844] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5844] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5844] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(22)                   = -1 EBADF (Bad file descriptor)
[  102.446398][ T5845] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5844] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5844] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5844] exit_group(0)               = ?
[pid  5845] <... futex resumed>)        = ?
[pid  5845] +++ exited with 0 +++
[pid  5844] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=24 /* 0.24 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[  102.521230][ T5845] syz-executor248 (5845) used greatest stack depth: 18712 bytes left
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./2/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  102.601731][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./2/file1")          = 0
[pid  5833] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./2/binderfs")      = 0
[pid  5833] umount2("./2/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./2/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./2/cgroup.net")    = 0
[pid  5833] umount2("./2/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./2/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./2/cgroup.cpu")    = 0
[pid  5833] umount2("./2/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./2/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./2/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./2")                = 0
[pid  5833] mkdir("./3", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5848 attached
, child_tidptr=0x55558393c750) = 8
[pid  5848] set_robust_list(0x55558393c760, 24) = 0
[pid  5848] chdir("./3")                = 0
[pid  5848] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5848] setpgid(0, 0)               = 0
[pid  5848] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5848] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5848] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5848] write(3, "1000", 4)         = 4
[pid  5848] close(3)                    = 0
[pid  5848] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5848] write(1, "executing program\n", 18executing program
) = 18
[pid  5848] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5848] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5848] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5848] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5848] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5848] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5848] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5849 attached
 <unfinished ...>
[pid  5849] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5848] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9
[pid  5849] <... rseq resumed>)         = 0
[pid  5848] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5849] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5848] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5849] <... set_robust_list resumed>) = 0
[pid  5848] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5849] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5848] <... futex resumed>)        = 0
[pid  5849] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5848] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5849] memfd_create("syzkaller", 0) = 3
[pid  5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5849] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5849] munmap(0x7f12a0200000, 138412032) = 0
[pid  5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5849] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5849] close(3)                    = 0
[pid  5849] close(4)                    = 0
[pid  5849] mkdir("./file1", 0777)      = 0
[  103.387946][ T5849] loop0: detected capacity change from 0 to 32768
[pid  5849] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5849] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5849] chdir("./file1")            = 0
[pid  5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5849] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5849] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5848] <... futex resumed>)        = 0
[pid  5848] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5849] <... futex resumed>)        = 0
[pid  5848] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5849] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid  5849] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5848] <... futex resumed>)        = 0
[pid  5849] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5848] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5849] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5848] <... futex resumed>)        = 0
[pid  5849] sendmmsg(4,  <unfinished ...>
[pid  5848] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5849] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5849] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5848] <... futex resumed>)        = 0
[pid  5849] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5848] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5849] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5848] <... futex resumed>)        = 0
[pid  5849] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[  103.446987][ T5849] JBD2: Ignoring recovery information on journal
[  103.485342][ T5849] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5848] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5849] <... fsetxattr resumed>)    = 0
[pid  5849] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5848] <... futex resumed>)        = 0
[pid  5849] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5848] close(3)                    = 0
[pid  5848] close(4)                    = 0
[pid  5848] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5848] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5848] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5848] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5848] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5848] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5848] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5848] exit_group(0)               = ?
[pid  5849] <... futex resumed>)        = ?
[pid  5849] +++ exited with 0 +++
[pid  5848] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=21 /* 0.21 s */} ---
[pid  5833] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./3/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[  103.629455][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./3/file1")          = 0
[pid  5833] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./3/binderfs")      = 0
[pid  5833] umount2("./3/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./3/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./3/cgroup.net")    = 0
[pid  5833] umount2("./3/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./3/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./3/cgroup.cpu")    = 0
[pid  5833] umount2("./3/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./3/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./3/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./3")                = 0
[pid  5833] mkdir("./4", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached
, child_tidptr=0x55558393c750) = 10
[pid  5852] set_robust_list(0x55558393c760, 24) = 0
[pid  5852] chdir("./4")                = 0
[pid  5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5852] setpgid(0, 0)               = 0
[pid  5852] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5852] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5852] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5852] write(3, "1000", 4)         = 4
[pid  5852] close(3)                    = 0
[pid  5852] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5852] write(1, "executing program\n", 18) = 18
[pid  5852] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5852] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5852] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5852] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5853 attached
 => {parent_tid=[11]}, 88) = 11
[pid  5853] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053) = 0
[pid  5852] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5852] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5852] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5853] set_robust_list(0x7f12a87d99a0, 24) = 0
[pid  5853] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5853] memfd_create("syzkaller", 0) = 3
[pid  5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5853] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5853] munmap(0x7f12a0200000, 138412032) = 0
[pid  5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5853] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5853] close(3)                    = 0
[pid  5853] close(4)                    = 0
[pid  5853] mkdir("./file1", 0777)      = 0
[  104.404848][ T5853] loop0: detected capacity change from 0 to 32768
[pid  5853] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5853] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[  104.460367][ T5853] JBD2: Ignoring recovery information on journal
[  104.498838][ T5853] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5853] chdir("./file1")            = 0
[pid  5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5853] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5852] <... futex resumed>)        = 0
[pid  5853] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5852] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5852] <... futex resumed>)        = 0
[pid  5853] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5852] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5853] <... openat resumed>)       = 4
[pid  5853] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5852] <... futex resumed>)        = 0
[pid  5853] sendmmsg(4,  <unfinished ...>
[pid  5852] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5852] <... futex resumed>)        = 0
[pid  5853] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5852] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5853] <... futex resumed>)        = 0
[pid  5852] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5853] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5852] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5853] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5852] <... futex resumed>)        = 0
[pid  5853] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5852] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5853] <... fsetxattr resumed>)    = 0
[pid  5853] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5853] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5852] <... futex resumed>)        = 0
[pid  5852] close(3)                    = 0
[pid  5852] close(4)                    = 0
[pid  5852] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5852] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5852] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5852] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5852] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5852] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5852] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5852] exit_group(0)               = ?
[pid  5853] <... futex resumed>)        = ?
[pid  5853] +++ exited with 0 +++
[pid  5852] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./4/file1")          = 0
[pid  5833] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./4/binderfs")      = 0
[pid  5833] umount2("./4/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./4/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./4/cgroup.net")    = 0
[pid  5833] umount2("./4/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./4/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./4/cgroup.cpu")    = 0
[pid  5833] umount2("./4/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./4/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./4/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./4")                = 0
[pid  5833] mkdir("./5", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[  104.713837][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5856 attached
, child_tidptr=0x55558393c750) = 12
[pid  5856] set_robust_list(0x55558393c760, 24) = 0
[pid  5856] chdir("./5")                = 0
[pid  5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5856] setpgid(0, 0)               = 0
[pid  5856] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5856] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5856] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5856] write(3, "1000", 4)         = 4
[pid  5856] close(3)                    = 0
[pid  5856] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5856] write(1, "executing program\n", 18) = 18
[pid  5856] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5856] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5856] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5856] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5856] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5856] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5856] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5857 attached
 <unfinished ...>
[pid  5857] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053) = 0
[pid  5856] <... clone3 resumed> => {parent_tid=[13]}, 88) = 13
[pid  5857] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5856] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5857] <... set_robust_list resumed>) = 0
[pid  5856] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5857] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5856] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5857] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5856] <... futex resumed>)        = 0
[pid  5857] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5856] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5857] <... memfd_create resumed>) = 3
[pid  5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5857] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5857] munmap(0x7f12a0200000, 138412032) = 0
[pid  5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5857] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5857] close(3)                    = 0
[pid  5857] close(4)                    = 0
[pid  5857] mkdir("./file1", 0777)      = 0
[  105.208723][ T5857] loop0: detected capacity change from 0 to 32768
[pid  5857] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5857] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5857] chdir("./file1")            = 0
[pid  5857] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5857] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5856] <... futex resumed>)        = 0
[pid  5856] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5857] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5856] <... futex resumed>)        = 0
[pid  5856] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5857] <... openat resumed>)       = 4
[pid  5857] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5857] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5856] <... futex resumed>)        = 0
[pid  5856] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5857] <... futex resumed>)        = 0
[pid  5856] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5857] sendmmsg(4, [], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5857] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5857] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5856] <... futex resumed>)        = 0
[pid  5857] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5856] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5857] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5856] <... futex resumed>)        = 0
[pid  5856] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5857] <... fsetxattr resumed>)    = 0
[pid  5857] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5856] <... futex resumed>)        = 0
[pid  5857] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5856] close(3)                    = 0
[  105.257730][ T5857] JBD2: Ignoring recovery information on journal
[  105.294200][ T5857] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5856] close(4)                    = 0
[pid  5856] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5856] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5856] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5856] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5856] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5856] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5856] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5856] exit_group(0)               = ?
[pid  5857] <... futex resumed>)        = ?
[pid  5857] +++ exited with 0 +++
[pid  5856] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=28 /* 0.28 s */} ---
[pid  5833] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./5/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./5/file1")          = 0
[pid  5833] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./5/binderfs")      = 0
[pid  5833] umount2("./5/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./5/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./5/cgroup.net")    = 0
[pid  5833] umount2("./5/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./5/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./5/cgroup.cpu")    = 0
[pid  5833] umount2("./5/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./5/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./5/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./5")                = 0
[pid  5833] mkdir("./6", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[  105.413589][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5860 attached
 <unfinished ...>
[pid  5860] set_robust_list(0x55558393c760, 24 <unfinished ...>
[pid  5833] <... clone resumed>, child_tidptr=0x55558393c750) = 14
[pid  5860] <... set_robust_list resumed>) = 0
[pid  5860] chdir("./6")                = 0
[pid  5860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5860] setpgid(0, 0)               = 0
[pid  5860] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5860] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5860] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5860] write(3, "1000", 4)         = 4
[pid  5860] close(3)                    = 0
[pid  5860] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5860] write(1, "executing program\n", 18) = 18
[pid  5860] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5860] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5860] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5860] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5860] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5860] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5860] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5861 attached
 <unfinished ...>
[pid  5861] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053) = 0
[pid  5861] set_robust_list(0x7f12a87d99a0, 24) = 0
[pid  5861] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5860] <... clone3 resumed> => {parent_tid=[15]}, 88) = 15
[pid  5861] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5860] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5861] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5860] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5860] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5861] <... futex resumed>)        = 0
[pid  5860] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5861] memfd_create("syzkaller", 0) = 3
[pid  5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5861] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5861] munmap(0x7f12a0200000, 138412032) = 0
[pid  5861] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5861] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5861] close(3)                    = 0
[pid  5861] close(4)                    = 0
[pid  5861] mkdir("./file1", 0777)      = 0
[  105.879366][ T5861] loop0: detected capacity change from 0 to 32768
[  105.933363][ T5861] JBD2: Ignoring recovery information on journal
[pid  5861] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5861] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5861] chdir("./file1")            = 0
[pid  5861] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5861] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5861] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5860] <... futex resumed>)        = 0
[pid  5860] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[pid  5860] <... futex resumed>)        = 1
[pid  5861] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5860] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5861] <... openat resumed>)       = 4
[pid  5861] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5861] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5860] <... futex resumed>)        = 0
[pid  5860] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5860] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5861] <... futex resumed>)        = 0
[pid  5861] sendmmsg(4, [], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5861] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5860] <... futex resumed>)        = 0
[pid  5860] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5861] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5860] <... futex resumed>)        = 0
[pid  5860] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5861] <... fsetxattr resumed>)    = 0
[pid  5861] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5861] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5860] <... futex resumed>)        = 0
[pid  5860] close(3)                    = 0
[pid  5860] close(4)                    = 0
[pid  5860] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5860] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5860] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5860] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5860] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5860] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(25)                   = -1 EBADF (Bad file descriptor)
[  105.979680][ T5861] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5860] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5860] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5860] exit_group(0)               = ?
[pid  5861] <... futex resumed>)        = ?
[pid  5861] +++ exited with 0 +++
[pid  5860] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=24 /* 0.24 s */} ---
[pid  5833] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./6/file1")          = 0
[pid  5833] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./6/binderfs")      = 0
[pid  5833] umount2("./6/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./6/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./6/cgroup.net")    = 0
[pid  5833] umount2("./6/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./6/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./6/cgroup.cpu")    = 0
[pid  5833] umount2("./6/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./6/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./6/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./6")                = 0
[pid  5833] mkdir("./7", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[  106.104899][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5864 attached
 <unfinished ...>
[pid  5864] set_robust_list(0x55558393c760, 24 <unfinished ...>
[pid  5833] <... clone resumed>, child_tidptr=0x55558393c750) = 16
[pid  5864] <... set_robust_list resumed>) = 0
[pid  5864] chdir("./7")                = 0
[pid  5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5864] setpgid(0, 0)               = 0
[pid  5864] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5864] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5864] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5864] write(3, "1000", 4)         = 4
[pid  5864] close(3)                    = 0
[pid  5864] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5864] write(1, "executing program\n", 18) = 18
[pid  5864] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5864] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5864] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5864] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5865 attached
 => {parent_tid=[17]}, 88) = 17
[pid  5865] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5864] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5865] <... rseq resumed>)         = 0
[pid  5864] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5865] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5864] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] <... set_robust_list resumed>) = 0
[pid  5864] <... futex resumed>)        = 0
[pid  5865] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5864] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5865] memfd_create("syzkaller", 0) = 3
[pid  5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5865] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5865] munmap(0x7f12a0200000, 138412032) = 0
[pid  5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5865] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5865] close(3)                    = 0
[pid  5865] close(4)                    = 0
[pid  5865] mkdir("./file1", 0777)      = 0
[  106.612213][ T5865] loop0: detected capacity change from 0 to 32768
[pid  5865] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5865] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5865] chdir("./file1")            = 0
[pid  5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5865] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5865] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5864] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] <... futex resumed>)        = 0
[pid  5864] <... futex resumed>)        = 1
[pid  5864] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5865] openat(AT_FDCWD, ".", O_RDONLY) = 4
[pid  5865] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5864] <... futex resumed>)        = 0
[pid  5864] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] sendmmsg(4,  <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5865] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5864] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5865] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5864] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5865] <... futex resumed>)        = 0
[pid  5864] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5865] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5864] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5865] <... fsetxattr resumed>)    = 0
[pid  5865] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5865] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5864] <... futex resumed>)        = 0
[pid  5864] close(3)                    = 0
[pid  5864] close(4)                    = 0
[  106.662946][ T5865] JBD2: Ignoring recovery information on journal
[  106.700001][ T5865] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5864] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5864] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5864] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5864] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5864] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5864] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5864] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5864] exit_group(0)               = ?
[pid  5865] <... futex resumed>)        = ?
[pid  5865] +++ exited with 0 +++
[pid  5864] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=27 /* 0.27 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[  106.827127][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./7/file1")          = 0
[pid  5833] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./7/binderfs")      = 0
[pid  5833] umount2("./7/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./7/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./7/cgroup.net")    = 0
[pid  5833] umount2("./7/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./7/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./7/cgroup.cpu")    = 0
[pid  5833] umount2("./7/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./7/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./7/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./7")                = 0
[pid  5833] mkdir("./8", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5868 attached
 <unfinished ...>
[pid  5868] set_robust_list(0x55558393c760, 24 <unfinished ...>
[pid  5833] <... clone resumed>, child_tidptr=0x55558393c750) = 18
[pid  5868] <... set_robust_list resumed>) = 0
[pid  5868] chdir("./8")                = 0
[pid  5868] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5868] setpgid(0, 0)               = 0
[pid  5868] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5868] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5868] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5868] write(3, "1000", 4)         = 4
[pid  5868] close(3)                    = 0
[pid  5868] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5868] write(1, "executing program\n", 18executing program
) = 18
[pid  5868] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5868] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5868] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5868] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5868] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5868] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5868] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5869 attached
 => {parent_tid=[19]}, 88) = 19
[pid  5869] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5868] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5869] <... rseq resumed>)         = 0
[pid  5869] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5868] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5869] <... set_robust_list resumed>) = 0
[pid  5868] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5869] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5868] <... futex resumed>)        = 0
[pid  5869] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5868] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5869] <... memfd_create resumed>) = 3
[pid  5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5869] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5869] munmap(0x7f12a0200000, 138412032) = 0
[pid  5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5869] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5869] close(3)                    = 0
[pid  5869] close(4)                    = 0
[pid  5869] mkdir("./file1", 0777)      = 0
[  107.657028][ T5869] loop0: detected capacity change from 0 to 32768
[  107.694179][ T5869] JBD2: Ignoring recovery information on journal
[pid  5869] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5869] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5869] chdir("./file1")            = 0
[pid  5869] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5869] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5868] <... futex resumed>)        = 0
[pid  5869] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5868] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5868] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5869] <... openat resumed>)       = 4
[  107.733694][ T5869] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5869] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5868] <... futex resumed>)        = 0
[pid  5869] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5868] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5869] <... futex resumed>)        = 0
[pid  5868] <... futex resumed>)        = 1
[pid  5869] sendmmsg(4,  <unfinished ...>
[pid  5868] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5869] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5869] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5869] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5868] <... futex resumed>)        = 0
[pid  5868] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5869] <... futex resumed>)        = 0
[pid  5868] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5869] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE) = 0
[pid  5869] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5868] <... futex resumed>)        = 0
[pid  5868] close(3)                    = 0
[pid  5868] close(4 <unfinished ...>
[pid  5869] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5868] <... close resumed>)        = 0
[pid  5868] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5868] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5868] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5868] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5868] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5868] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5868] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5868] exit_group(0 <unfinished ...>
[pid  5869] <... futex resumed>)        = ?
[pid  5868] <... exit_group resumed>)   = ?
[pid  5869] +++ exited with 0 +++
[pid  5868] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=23 /* 0.23 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[  107.873613][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./8/file1")          = 0
[pid  5833] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./8/binderfs")      = 0
[pid  5833] umount2("./8/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./8/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./8/cgroup.net")    = 0
[pid  5833] umount2("./8/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./8/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./8/cgroup.cpu")    = 0
[pid  5833] umount2("./8/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./8/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./8/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./8")                = 0
[pid  5833] mkdir("./9", 0777)          = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5872 attached
, child_tidptr=0x55558393c750) = 20
[pid  5872] set_robust_list(0x55558393c760, 24) = 0
[pid  5872] chdir("./9")                = 0
[pid  5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5872] setpgid(0, 0)               = 0
[pid  5872] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5872] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5872] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5872] write(3, "1000", 4)         = 4
[pid  5872] close(3)                    = 0
[pid  5872] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5872] write(1, "executing program\n", 18) = 18
[pid  5872] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5872] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5872] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5872] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5872] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5872] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5873 attached
 => {parent_tid=[21]}, 88) = 21
[pid  5873] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053) = 0
[pid  5873] set_robust_list(0x7f12a87d99a0, 24) = 0
[pid  5873] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5872] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5873] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5872] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5872] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5873] <... futex resumed>)        = 0
[pid  5872] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5873] memfd_create("syzkaller", 0) = 3
[pid  5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5873] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5873] munmap(0x7f12a0200000, 138412032) = 0
[pid  5873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5873] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5873] close(3)                    = 0
[pid  5873] close(4)                    = 0
[pid  5873] mkdir("./file1", 0777)      = 0
[  108.660537][ T5873] loop0: detected capacity change from 0 to 32768
[pid  5873] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5873] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5873] chdir("./file1")            = 0
[pid  5873] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5873] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5872] <... futex resumed>)        = 0
[pid  5873] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5872] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5872] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5873] <... openat resumed>)       = 4
[pid  5873] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5873] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5872] <... futex resumed>)        = 0
[pid  5872] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5873] <... futex resumed>)        = 0
[pid  5872] <... futex resumed>)        = 1
[pid  5873] sendmmsg(4,  <unfinished ...>
[pid  5872] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5873] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5873] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5872] <... futex resumed>)        = 0
[pid  5873] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5872] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5872] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5873] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5873] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE) = 0
[pid  5873] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5873] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5872] <... futex resumed>)        = 0
[pid  5872] close(3)                    = 0
[  108.714992][ T5873] JBD2: Ignoring recovery information on journal
[  108.753727][ T5873] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5872] close(4)                    = 0
[pid  5872] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5872] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5872] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5872] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5872] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5872] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5872] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5872] exit_group(0)               = ?
[pid  5873] <... futex resumed>)        = ?
[pid  5873] +++ exited with 0 +++
[pid  5872] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=25 /* 0.25 s */} ---
[pid  5833] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./9/file1")          = 0
[pid  5833] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./9/binderfs")      = 0
[pid  5833] umount2("./9/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./9/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./9/cgroup.net")    = 0
[pid  5833] umount2("./9/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./9/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./9/cgroup.cpu")    = 0
[pid  5833] umount2("./9/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./9/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./9/cgroup")        = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./9")                = 0
[pid  5833] mkdir("./10", 0777)         = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[  108.909697][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached
 <unfinished ...>
[pid  5876] set_robust_list(0x55558393c760, 24 <unfinished ...>
[pid  5833] <... clone resumed>, child_tidptr=0x55558393c750) = 22
[pid  5876] <... set_robust_list resumed>) = 0
[pid  5876] chdir("./10")               = 0
[pid  5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5876] setpgid(0, 0)               = 0
[pid  5876] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5876] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5876] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5876] write(3, "1000", 4)         = 4
[pid  5876] close(3)                    = 0
[pid  5876] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid  5876] write(1, "executing program\n", 18) = 18
[pid  5876] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5876] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5876] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5876] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5877 attached
 => {parent_tid=[23]}, 88) = 23
[pid  5877] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5876] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5877] <... rseq resumed>)         = 0
[pid  5876] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5877] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5876] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] <... set_robust_list resumed>) = 0
[pid  5877] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5877] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5876] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5877] memfd_create("syzkaller", 0) = 3
[pid  5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5877] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5877] munmap(0x7f12a0200000, 138412032) = 0
[pid  5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5877] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5877] close(3)                    = 0
[pid  5877] close(4)                    = 0
[pid  5877] mkdir("./file1", 0777)      = 0
[  109.433224][ T5877] loop0: detected capacity change from 0 to 32768
[pid  5877] mount("/dev/loop0", "./file1", "ocfs2", 0, "acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noa"...) = 0
[pid  5877] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
[pid  5877] chdir("./file1")            = 0
[pid  5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy)
[pid  5877] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5877] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5876] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] <... futex resumed>)        = 0
[pid  5876] <... futex resumed>)        = 1
[pid  5877] openat(AT_FDCWD, ".", O_RDONLY <unfinished ...>
[pid  5876] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5877] <... openat resumed>)       = 4
[pid  5877] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5876] <... futex resumed>)        = 0
[pid  5877] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5876] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] <... futex resumed>)        = -1 EAGAIN (Resource temporarily unavailable)
[pid  5876] <... futex resumed>)        = 0
[pid  5877] sendmmsg(4,  <unfinished ...>
[pid  5876] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5877] <... sendmmsg resumed>[], 0, MSG_DONTROUTE) = -1 ENOTSOCK (Socket operation on non-socket)
[pid  5877] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5877] <... futex resumed>)        = 1
[pid  5876] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5877] fsetxattr(4, "trusted.overlay.redirect", NULL, 0, XATTR_CREATE <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5876] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid  5877] <... fsetxattr resumed>)    = 0
[pid  5877] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid  5877] futex(0x7f12a88b06c8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid  5876] <... futex resumed>)        = 0
[pid  5876] close(3)                    = 0
[  109.476875][ T5877] JBD2: Ignoring recovery information on journal
[  109.512922][ T5877] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[pid  5876] close(4)                    = 0
[pid  5876] close(5)                    = -1 EBADF (Bad file descriptor)
[pid  5876] close(6)                    = -1 EBADF (Bad file descriptor)
[pid  5876] close(7)                    = -1 EBADF (Bad file descriptor)
[pid  5876] close(8)                    = -1 EBADF (Bad file descriptor)
[pid  5876] close(9)                    = -1 EBADF (Bad file descriptor)
[pid  5876] close(10)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(11)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(12)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(13)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(14)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(15)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(16)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(17)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(18)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(19)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(20)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(21)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(22)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(23)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(24)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(25)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(26)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(27)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(28)                   = -1 EBADF (Bad file descriptor)
[pid  5876] close(29)                   = -1 EBADF (Bad file descriptor)
[pid  5876] exit_group(0 <unfinished ...>
[pid  5877] <... futex resumed>)        = ?
[pid  5876] <... exit_group resumed>)   = ?
[pid  5877] +++ exited with 0 +++
[pid  5876] +++ exited with 0 +++
[pid  5833] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=25 /* 0.25 s */} ---
[pid  5833] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid  5833] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[pid  5833] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 7 entries */, 32768) = 208
[pid  5833] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[pid  5833] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[pid  5833] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0
[pid  5833] getdents64(4, 0x555583945830 /* 2 entries */, 32768) = 48
[pid  5833] getdents64(4, 0x555583945830 /* 0 entries */, 32768) = 0
[pid  5833] close(4)                    = 0
[pid  5833] rmdir("./10/file1")         = 0
[pid  5833] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./10/binderfs")     = 0
[pid  5833] umount2("./10/cgroup.net", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[  109.639477][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[pid  5833] newfstatat(AT_FDCWD, "./10/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./10/cgroup.net")   = 0
[pid  5833] umount2("./10/cgroup.cpu", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./10/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./10/cgroup.cpu")   = 0
[pid  5833] umount2("./10/cgroup", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[pid  5833] newfstatat(AT_FDCWD, "./10/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0
[pid  5833] unlink("./10/cgroup")       = 0
[pid  5833] getdents64(3, 0x55558393d7f0 /* 0 entries */, 32768) = 0
[pid  5833] close(3)                    = 0
[pid  5833] rmdir("./10")               = 0
[pid  5833] mkdir("./11", 0777)         = 0
[pid  5833] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid  5833] ioctl(3, LOOP_CLR_FD)       = 0
[pid  5833] close(3)                    = 0
[pid  5833] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5880 attached
 <unfinished ...>
[pid  5880] set_robust_list(0x55558393c760, 24 <unfinished ...>
[pid  5833] <... clone resumed>, child_tidptr=0x55558393c750) = 24
[pid  5880] <... set_robust_list resumed>) = 0
[pid  5880] chdir("./11")               = 0
[pid  5880] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5880] setpgid(0, 0)               = 0
[pid  5880] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0
[pid  5880] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0
[pid  5880] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0
[pid  5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5880] write(3, "1000", 4)         = 4
[pid  5880] close(3)                    = 0
[pid  5880] symlink("/dev/binderfs", "./binderfs") = 0
[pid  5880] write(1, "executing program\n", 18executing program
) = 18
[pid  5880] futex(0x7f12a88b06cc, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid  5880] rt_sigaction(SIGRT_1, {sa_handler=0x7f12a88513d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f12a87f3350}, NULL, 8) = 0
[pid  5880] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
[pid  5880] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f12a87b9000
[pid  5880] mprotect(0x7f12a87ba000, 131072, PROT_READ|PROT_WRITE) = 0
[pid  5880] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0
[pid  5880] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f12a87d9990, parent_tid=0x7f12a87d9990, exit_signal=0, stack=0x7f12a87b9000, stack_size=0x20240, tls=0x7f12a87d96c0}./strace-static-x86_64: Process 5881 attached
 => {parent_tid=[25]}, 88) = 25
[pid  5881] rseq(0x7f12a87d9fe0, 0x20, 0, 0x53053053 <unfinished ...>
[pid  5880] rt_sigprocmask(SIG_SETMASK, [],  <unfinished ...>
[pid  5881] <... rseq resumed>)         = 0
[pid  5880] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid  5881] set_robust_list(0x7f12a87d99a0, 24 <unfinished ...>
[pid  5880] futex(0x7f12a88b06c8, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid  5881] <... set_robust_list resumed>) = 0
[pid  5881] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid  5881] memfd_create("syzkaller", 0 <unfinished ...>
[pid  5880] <... futex resumed>)        = 0
[pid  5880] futex(0x7f12a88b06cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid  5881] <... memfd_create resumed>) = 3
[pid  5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f12a0200000
[pid  5881] write(3, "\x02\x02\x02\x02\x02\x02\x02\x02\x74\x68\x69\x73\x20\x69\x73\x20\x61\x6e\x20\x6f\x63\x66\x73\x32\x20\x76\x6f\x6c\x75\x6d\x65\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02"..., 16777216) = 16777216
[pid  5881] munmap(0x7f12a0200000, 138412032) = 0
[pid  5881] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid  5881] ioctl(4, LOOP_SET_FD, 3)    = 0
[pid  5881] close(3)                    = 0
[pid  5881] close(4)                    = 0
[pid  5881] mkdir("./file1", 0777)      = 0
[  110.296840][ T5881] loop0: detected capacity change from 0 to 32768
[  110.323407][   T12] list_add double add: new=ffff8880202ab570, prev=ffff8880202ab570, next=ffff8881423a8960.
[  110.334186][   T12] ------------[ cut here ]------------
[  110.339644][   T12] kernel BUG at lib/list_debug.c:37!
[  110.344957][   T12] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  110.351894][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  110.362032][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  110.372075][   T12] Workqueue: loop0 loop_workfn
[  110.376858][   T12] RIP: 0010:__list_add_valid_or_report+0xa4/0x130
[  110.383270][   T12] Code: f7 74 11 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 c7 c7 a0 59 81 8c 4c 89 fe 4c 89 e2 4c 89 f1 e8 0d e8 27 fc 90 <0f> 0b 48 c7 c7 a0 57 81 8c e8 fe e7 27 fc 90 0f 0b 48 c7 c7 40 58
[  110.402881][   T12] RSP: 0018:ffffc90000117628 EFLAGS: 00010046
[  110.408956][   T12] RAX: 0000000000000058 RBX: 1ffff110040556ae RCX: 3f05f5b6566b6000
[  110.416934][   T12] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000
[  110.424995][   T12] RBP: 1ffff1102847512d R08: ffffffff81a170dc R09: 1ffff92000022e60
[  110.432969][   T12] R10: dffffc0000000000 R11: fffff52000022e61 R12: ffff8880202ab570
[  110.440951][   T12] R13: dffffc0000000000 R14: ffff8881423a8960 R15: ffff8880202ab570
[  110.448917][   T12] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  110.457848][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  110.464429][   T12] CR2: 00007f12a022e000 CR3: 0000000035086000 CR4: 00000000003526f0
[  110.472393][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  110.480365][   T12] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  110.488339][   T12] Call Trace:
[  110.491618][   T12]  <TASK>
[  110.494573][   T12]  ? __die_body+0x5f/0xb0
[  110.498907][   T12]  ? die+0x9e/0xc0
[  110.502628][   T12]  ? do_trap+0x15a/0x3a0
[  110.506869][   T12]  ? __list_add_valid_or_report+0xa4/0x130
[  110.512683][   T12]  ? do_error_trap+0x1dc/0x2c0
[  110.517440][   T12]  ? __list_add_valid_or_report+0xa4/0x130
[  110.523251][   T12]  ? __pfx_shmem_file_read_iter+0x10/0x10
[  110.528970][   T12]  ? __pfx_do_error_trap+0x10/0x10
[  110.534093][   T12]  ? report_bug+0x3cd/0x500
[  110.538604][   T12]  ? __list_add_valid_or_report+0xa4/0x130
[  110.544416][   T12]  ? handle_invalid_op+0x34/0x40
[  110.549345][   T12]  ? __list_add_valid_or_report+0xa4/0x130
[  110.555149][   T12]  ? exc_invalid_op+0x38/0x50
[  110.559840][   T12]  ? asm_exc_invalid_op+0x1a/0x20
[  110.564860][   T12]  ? __wake_up_klogd+0xcc/0x110
[  110.569716][   T12]  ? __list_add_valid_or_report+0xa4/0x130
[  110.575521][   T12]  ? __list_add_valid_or_report+0xa3/0x130
[  110.581411][   T12]  loop_process_work+0x1f96/0x21c0
[  110.586531][   T12]  ? __pfx_validate_chain+0x10/0x10
[  110.591724][   T12]  ? mark_lock+0x9a/0x360
[  110.596052][   T12]  ? __lock_acquire+0x1397/0x2100
[  110.601076][   T12]  ? __pfx_loop_process_work+0x10/0x10
[  110.606537][   T12]  ? register_lock_class+0x102/0x980
[  110.611824][   T12]  ? __pfx_register_lock_class+0x10/0x10
[  110.617456][   T12]  ? mark_lock+0x9a/0x360
[  110.621775][   T12]  ? debug_object_deactivate+0x2d5/0x390
[  110.627412][   T12]  ? __lock_acquire+0x1397/0x2100
[  110.632436][   T12]  ? do_raw_spin_unlock+0x13c/0x8b0
[  110.637642][   T12]  ? __pfx_lock_acquire+0x10/0x10
[  110.642679][   T12]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  110.648661][   T12]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  110.655013][   T12]  ? process_scheduled_works+0x9c6/0x18e0
[  110.660728][   T12]  process_scheduled_works+0xabe/0x18e0
[  110.666287][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  110.672269][   T12]  ? assign_work+0x364/0x3d0
[  110.676855][   T12]  worker_thread+0x870/0xd30
[  110.681456][   T12]  ? __kthread_parkme+0x169/0x1d0
[  110.686479][   T12]  ? __pfx_worker_thread+0x10/0x10
[  110.691597][   T12]  kthread+0x7a9/0x920
[  110.695654][   T12]  ? __pfx_kthread+0x10/0x10
[  110.700233][   T12]  ? __pfx_worker_thread+0x10/0x10
[  110.705335][   T12]  ? __pfx_kthread+0x10/0x10
[  110.709911][   T12]  ? __pfx_kthread+0x10/0x10
[  110.714501][   T12]  ? __pfx_kthread+0x10/0x10
[  110.719073][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  110.724264][   T12]  ? lockdep_hardirqs_on+0x99/0x150
[  110.729489][   T12]  ? __pfx_kthread+0x10/0x10
[  110.734068][   T12]  ret_from_fork+0x4b/0x80
[  110.738474][   T12]  ? __pfx_kthread+0x10/0x10
[  110.743137][   T12]  ret_from_fork_asm+0x1a/0x30
[  110.747900][   T12]  </TASK>
[  110.750904][   T12] Modules linked in:
[  110.754797][   T12] ---[ end trace 0000000000000000 ]---
[  110.760245][   T12] RIP: 0010:__list_add_valid_or_report+0xa4/0x130
[  110.766665][   T12] Code: f7 74 11 b0 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 c7 c7 a0 59 81 8c 4c 89 fe 4c 89 e2 4c 89 f1 e8 0d e8 27 fc 90 <0f> 0b 48 c7 c7 a0 57 81 8c e8 fe e7 27 fc 90 0f 0b 48 c7 c7 40 58
[  110.786262][   T12] RSP: 0018:ffffc90000117628 EFLAGS: 00010046
[  110.792326][   T12] RAX: 0000000000000058 RBX: 1ffff110040556ae RCX: 3f05f5b6566b6000
[  110.800289][   T12] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000
[  110.808253][   T12] RBP: 1ffff1102847512d R08: ffffffff81a170dc R09: 1ffff92000022e60
[  110.816222][   T12] R10: dffffc0000000000 R11: fffff52000022e61 R12: ffff8880202ab570
[  110.824182][   T12] R13: dffffc0000000000 R14: ffff8881423a8960 R15: ffff8880202ab570
[  110.832143][   T12] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  110.841086][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  110.847659][   T12] CR2: 00007f12a022e000 CR3: 0000000035086000 CR4: 00000000003526f0
[  110.855640][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  110.863602][   T12] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  110.871572][   T12] Kernel panic - not syncing: Fatal exception
[  112.005249][   T12] Shutting down cpus with NMI
[  112.010318][   T12] Kernel Offset: disabled
[  112.014667][   T12] Rebooting in 86400 seconds..