./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor350180814
<...>
DUID 00:04:7b:a2:e0:73:6b:5f:a9:8e:d4:f6:53:82:b5:31:a7:5e
forked to background, child pid 4646
[ 40.486639][ T4647] 8021q: adding VLAN 0 to HW filter on device bond0
[ 40.520707][ T4647] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.1.104' (ECDSA) to the list of known hosts.
execve("./syz-executor350180814", ["./syz-executor350180814"], 0x7ffcfe566710 /* 10 vars */) = 0
brk(NULL) = 0x5555563ea000
brk(0x5555563eac40) = 0x5555563eac40
arch_prctl(ARCH_SET_FS, 0x5555563ea300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor350180814", 4096) = 27
brk(0x55555640bc40) = 0x55555640bc40
brk(0x55555640c000) = 0x55555640c000
mprotect(0x7f213aaa7000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5072
mkdir("./syzkaller.p0aSFK", 0700) = 0
chmod("./syzkaller.p0aSFK", 0777) = 0
chdir("./syzkaller.p0aSFK") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5073
./strace-static-x86_64: Process 5073 attached
[pid 5073] chdir("./0") = 0
[pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5073] setpgid(0, 0) = 0
[pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5073] write(3, "1000", 4) = 4
[pid 5073] close(3) = 0
[pid 5073] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5073] memfd_create("syzkaller", 0) = 3
[pid 5073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5073] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5073] munmap(0x7f21325eb000, 2097152) = 0
[pid 5073] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
syzkaller login: [ 68.119469][ T5073] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5073 'syz-executor350'
[pid 5073] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5073] close(3) = 0
[pid 5073] mkdir("./file0", 0777) = 0
[ 68.161319][ T5073] loop0: detected capacity change from 0 to 4096
[ 68.185780][ T5073] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 68.193958][ T5073] NILFS (loop0): trying rollback from an earlier position
[pid 5073] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5073] chdir("./file0") = 0
[pid 5073] ioctl(4, LOOP_CLR_FD) = 0
[pid 5073] close(4) = 0
[pid 5073] creat("./bus", 000) = 4
[pid 5073] open("./bus", O_RDONLY) = 5
[pid 5073] creat("./bus", 000) = 6
[ 68.212051][ T5073] NILFS (loop0): recovery complete
[ 68.221375][ T5075] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5073] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5073] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5073] rename("./file1", "./bus") = 0
[pid 5073] sendfile(4, 5, NULL, 109823) = 109823
[pid 5073] exit_group(0) = ?
[ 68.249069][ T27] audit: type=1804 audit(1677522255.065:2): pid=5073 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/0/file0/bus" dev="loop0" ino=12 res=1 errno=0
[ 68.271722][ T27] audit: type=1804 audit(1677522255.075:3): pid=5073 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/0/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5073] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5076
./strace-static-x86_64: Process 5076 attached
[pid 5076] chdir("./1") = 0
[pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5076] setpgid(0, 0) = 0
[pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5076] write(3, "1000", 4) = 4
[pid 5076] close(3) = 0
[pid 5076] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5076] memfd_create("syzkaller", 0) = 3
[pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5076] munmap(0x7f21325eb000, 2097152) = 0
[pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5076] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5076] close(3) = 0
[pid 5076] mkdir("./file0", 0777) = 0
[ 68.437086][ T5076] loop0: detected capacity change from 0 to 4096
[ 68.455717][ T5076] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 68.463843][ T5076] NILFS (loop0): trying rollback from an earlier position
[ 68.478584][ T5076] NILFS (loop0): recovery complete
[pid 5076] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5076] chdir("./file0") = 0
[pid 5076] ioctl(4, LOOP_CLR_FD) = 0
[pid 5076] close(4) = 0
[pid 5076] creat("./bus", 000) = 4
[pid 5076] open("./bus", O_RDONLY) = 5
[ 68.485437][ T5077] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 68.505613][ T27] audit: type=1804 audit(1677522255.325:4): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/1/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5076] creat("./bus", 000) = 6
[pid 5076] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5076] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5076] rename("./file1", "./bus") = 0
[pid 5076] sendfile(4, 5, NULL, 109823) = 109823
[pid 5076] exit_group(0) = ?
[pid 5076] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 68.530422][ T27] audit: type=1804 audit(1677522255.355:5): pid=5076 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/1/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5078
./strace-static-x86_64: Process 5078 attached
[pid 5078] chdir("./2") = 0
[pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5078] setpgid(0, 0) = 0
[pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5078] write(3, "1000", 4) = 4
[pid 5078] close(3) = 0
[pid 5078] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5078] memfd_create("syzkaller", 0) = 3
[pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5078] munmap(0x7f21325eb000, 2097152) = 0
[pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5078] close(3) = 0
[pid 5078] mkdir("./file0", 0777) = 0
[ 68.672700][ T5078] loop0: detected capacity change from 0 to 4096
[ 68.691035][ T5078] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 68.699145][ T5078] NILFS (loop0): trying rollback from an earlier position
[ 68.715034][ T5078] NILFS (loop0): recovery complete
[pid 5078] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5078] chdir("./file0") = 0
[pid 5078] ioctl(4, LOOP_CLR_FD) = 0
[pid 5078] close(4) = 0
[pid 5078] creat("./bus", 000) = 4
[pid 5078] open("./bus", O_RDONLY) = 5
[ 68.722019][ T5079] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5078] creat("./bus", 000) = 6
[pid 5078] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5078] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5078] rename("./file1", "./bus") = 0
[pid 5078] sendfile(4, 5, NULL, 109823) = 109823
[pid 5078] exit_group(0) = ?
[pid 5078] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 68.752609][ T27] audit: type=1804 audit(1677522255.575:6): pid=5078 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/2/file0/bus" dev="loop0" ino=12 res=1 errno=0
[ 68.774793][ T27] audit: type=1804 audit(1677522255.575:7): pid=5078 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/2/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5080
./strace-static-x86_64: Process 5080 attached
[pid 5080] chdir("./3") = 0
[pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5080] setpgid(0, 0) = 0
[pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5080] write(3, "1000", 4) = 4
[pid 5080] close(3) = 0
[pid 5080] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5080] memfd_create("syzkaller", 0) = 3
[pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5080] munmap(0x7f21325eb000, 2097152) = 0
[pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5080] close(3) = 0
[pid 5080] mkdir("./file0", 0777) = 0
[ 68.926624][ T5080] loop0: detected capacity change from 0 to 4096
[ 68.944703][ T5080] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 68.952788][ T5080] NILFS (loop0): trying rollback from an earlier position
[ 68.966989][ T5080] NILFS (loop0): recovery complete
[pid 5080] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5080] chdir("./file0") = 0
[pid 5080] ioctl(4, LOOP_CLR_FD) = 0
[pid 5080] close(4) = 0
[pid 5080] creat("./bus", 000) = 4
[pid 5080] open("./bus", O_RDONLY) = 5
[pid 5080] creat("./bus", 000) = 6
[ 68.973338][ T5081] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 68.995712][ T27] audit: type=1804 audit(1677522255.815:8): pid=5080 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/3/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5080] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5080] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5080] rename("./file1", "./bus") = 0
[pid 5080] sendfile(4, 5, NULL, 109823) = 109823
[pid 5080] exit_group(0) = ?
[pid 5080] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
[ 69.020972][ T27] audit: type=1804 audit(1677522255.845:9): pid=5080 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/3/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5082
./strace-static-x86_64: Process 5082 attached
[pid 5082] chdir("./4") = 0
[pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5082] setpgid(0, 0) = 0
[pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5082] write(3, "1000", 4) = 4
[pid 5082] close(3) = 0
[pid 5082] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5082] memfd_create("syzkaller", 0) = 3
[pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5082] munmap(0x7f21325eb000, 2097152) = 0
[pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5082] close(3) = 0
[pid 5082] mkdir("./file0", 0777) = 0
[ 69.181295][ T5082] loop0: detected capacity change from 0 to 4096
[ 69.200751][ T5082] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 69.208805][ T5082] NILFS (loop0): trying rollback from an earlier position
[ 69.224305][ T5082] NILFS (loop0): recovery complete
[pid 5082] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5082] chdir("./file0") = 0
[pid 5082] ioctl(4, LOOP_CLR_FD) = 0
[pid 5082] close(4) = 0
[pid 5082] creat("./bus", 000) = 4
[pid 5082] open("./bus", O_RDONLY) = 5
[pid 5082] creat("./bus", 000) = 6
[pid 5082] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5082] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5082] rename("./file1", "./bus") = 0
[ 69.230395][ T5083] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 69.252053][ T27] audit: type=1804 audit(1677522256.075:10): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/4/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5082] sendfile(4, 5, NULL, 109823) = 109823
[pid 5082] exit_group(0) = ?
[pid 5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 69.285863][ T27] audit: type=1804 audit(1677522256.075:11): pid=5082 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/4/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5084
./strace-static-x86_64: Process 5084 attached
[pid 5084] chdir("./5") = 0
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[pid 5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5084] munmap(0x7f21325eb000, 2097152) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[ 69.419019][ T5084] loop0: detected capacity change from 0 to 4096
[ 69.440594][ T5084] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 69.448800][ T5084] NILFS (loop0): trying rollback from an earlier position
[pid 5084] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] chdir("./file0") = 0
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] creat("./bus", 000) = 4
[pid 5084] open("./bus", O_RDONLY) = 5
[pid 5084] creat("./bus", 000) = 6
[pid 5084] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5084] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5084] rename("./file1", "./bus") = 0
[ 69.466127][ T5084] NILFS (loop0): recovery complete
[ 69.473300][ T5085] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5084] sendfile(4, 5, NULL, 109823) = 109823
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5086
./strace-static-x86_64: Process 5086 attached
[pid 5086] chdir("./6") = 0
[pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5086] setpgid(0, 0) = 0
[pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5086] write(3, "1000", 4) = 4
[pid 5086] close(3) = 0
[pid 5086] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5086] memfd_create("syzkaller", 0) = 3
[pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5086] munmap(0x7f21325eb000, 2097152) = 0
[pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5086] close(3) = 0
[pid 5086] mkdir("./file0", 0777) = 0
[ 69.626275][ T5086] loop0: detected capacity change from 0 to 4096
[ 69.642549][ T5086] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 69.650605][ T5086] NILFS (loop0): trying rollback from an earlier position
[ 69.664402][ T5086] NILFS (loop0): recovery complete
[pid 5086] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5086] chdir("./file0") = 0
[pid 5086] ioctl(4, LOOP_CLR_FD) = 0
[pid 5086] close(4) = 0
[pid 5086] creat("./bus", 000) = 4
[pid 5086] open("./bus", O_RDONLY) = 5
[pid 5086] creat("./bus", 000) = 6
[pid 5086] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5086] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5086] rename("./file1", "./bus") = 0
[ 69.671237][ T5087] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5086] sendfile(4, 5, NULL, 109823) = 109823
[pid 5086] exit_group(0) = ?
[pid 5086] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} ---
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5088
./strace-static-x86_64: Process 5088 attached
[pid 5088] chdir("./7") = 0
[pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5088] setpgid(0, 0) = 0
[pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5088] write(3, "1000", 4) = 4
[pid 5088] close(3) = 0
[pid 5088] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5088] memfd_create("syzkaller", 0) = 3
[pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5088] munmap(0x7f21325eb000, 2097152) = 0
[pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5088] close(3) = 0
[pid 5088] mkdir("./file0", 0777) = 0
[pid 5088] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[ 69.841087][ T5088] loop0: detected capacity change from 0 to 4096
[ 69.857921][ T5088] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 69.866169][ T5088] NILFS (loop0): trying rollback from an earlier position
[ 69.880405][ T5088] NILFS (loop0): recovery complete
[pid 5088] chdir("./file0") = 0
[pid 5088] ioctl(4, LOOP_CLR_FD) = 0
[pid 5088] close(4) = 0
[pid 5088] creat("./bus", 000) = 4
[pid 5088] open("./bus", O_RDONLY) = 5
[pid 5088] creat("./bus", 000) = 6
[pid 5088] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5088] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5088] rename("./file1", "./bus") = 0
[ 69.887932][ T5089] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5088] sendfile(4, 5, NULL, 109823) = 109823
[pid 5088] exit_group(0) = ?
[pid 5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5090
./strace-static-x86_64: Process 5090 attached
[pid 5090] chdir("./8") = 0
[pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5090] setpgid(0, 0) = 0
[pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5090] write(3, "1000", 4) = 4
[pid 5090] close(3) = 0
[pid 5090] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5090] memfd_create("syzkaller", 0) = 3
[pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5090] munmap(0x7f21325eb000, 2097152) = 0
[pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5090] close(3) = 0
[pid 5090] mkdir("./file0", 0777) = 0
[ 70.065116][ T5090] loop0: detected capacity change from 0 to 4096
[ 70.084914][ T5090] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 70.093033][ T5090] NILFS (loop0): trying rollback from an earlier position
[ 70.107274][ T5090] NILFS (loop0): recovery complete
[pid 5090] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5090] chdir("./file0") = 0
[pid 5090] ioctl(4, LOOP_CLR_FD) = 0
[pid 5090] close(4) = 0
[pid 5090] creat("./bus", 000) = 4
[pid 5090] open("./bus", O_RDONLY) = 5
[pid 5090] creat("./bus", 000) = 6
[pid 5090] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5090] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5090] rename("./file1", "./bus") = 0
[ 70.113827][ T5091] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5090] sendfile(4, 5, NULL, 109823) = 109823
[pid 5090] exit_group(0) = ?
[pid 5090] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5092
./strace-static-x86_64: Process 5092 attached
[pid 5092] chdir("./9") = 0
[pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5092] setpgid(0, 0) = 0
[pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5092] write(3, "1000", 4) = 4
[pid 5092] close(3) = 0
[pid 5092] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5092] memfd_create("syzkaller", 0) = 3
[pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5092] munmap(0x7f21325eb000, 2097152) = 0
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5092] close(3) = 0
[pid 5092] mkdir("./file0", 0777) = 0
[pid 5092] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[ 70.265608][ T5092] loop0: detected capacity change from 0 to 4096
[ 70.284271][ T5092] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 70.292425][ T5092] NILFS (loop0): trying rollback from an earlier position
[ 70.306652][ T5092] NILFS (loop0): recovery complete
[pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5092] chdir("./file0") = 0
[pid 5092] ioctl(4, LOOP_CLR_FD) = 0
[pid 5092] close(4) = 0
[pid 5092] creat("./bus", 000) = 4
[pid 5092] open("./bus", O_RDONLY) = 5
[pid 5092] creat("./bus", 000) = 6
[pid 5092] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5092] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5092] rename("./file1", "./bus") = 0
[ 70.314006][ T5093] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5092] sendfile(4, 5, NULL, 109823) = 109823
[pid 5092] exit_group(0) = ?
[pid 5092] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5094
./strace-static-x86_64: Process 5094 attached
[pid 5094] chdir("./10") = 0
[pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5094] setpgid(0, 0) = 0
[pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5094] write(3, "1000", 4) = 4
[pid 5094] close(3) = 0
[pid 5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5094] memfd_create("syzkaller", 0) = 3
[pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5094] munmap(0x7f21325eb000, 2097152) = 0
[pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5094] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5094] close(3) = 0
[pid 5094] mkdir("./file0", 0777) = 0
[ 70.494794][ T5094] loop0: detected capacity change from 0 to 4096
[ 70.511161][ T5094] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 70.519304][ T5094] NILFS (loop0): trying rollback from an earlier position
[ 70.533838][ T5094] NILFS (loop0): recovery complete
[pid 5094] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5094] chdir("./file0") = 0
[pid 5094] ioctl(4, LOOP_CLR_FD) = 0
[pid 5094] close(4) = 0
[pid 5094] creat("./bus", 000) = 4
[pid 5094] open("./bus", O_RDONLY) = 5
[pid 5094] creat("./bus", 000) = 6
[pid 5094] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5094] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5094] rename("./file1", "./bus") = 0
[ 70.540542][ T5095] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5094] sendfile(4, 5, NULL, 109823) = 109823
[pid 5094] exit_group(0) = ?
[pid 5094] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} ---
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5096
./strace-static-x86_64: Process 5096 attached
[pid 5096] chdir("./11") = 0
[pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5096] setpgid(0, 0) = 0
[pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5096] write(3, "1000", 4) = 4
[pid 5096] close(3) = 0
[pid 5096] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5096] memfd_create("syzkaller", 0) = 3
[pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5096] munmap(0x7f21325eb000, 2097152) = 0
[pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5096] close(3) = 0
[pid 5096] mkdir("./file0", 0777) = 0
[ 70.704471][ T5096] loop0: detected capacity change from 0 to 4096
[ 70.722938][ T5096] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 70.731025][ T5096] NILFS (loop0): trying rollback from an earlier position
[ 70.746356][ T5096] NILFS (loop0): recovery complete
[pid 5096] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5096] chdir("./file0") = 0
[pid 5096] ioctl(4, LOOP_CLR_FD) = 0
[pid 5096] close(4) = 0
[pid 5096] creat("./bus", 000) = 4
[pid 5096] open("./bus", O_RDONLY) = 5
[pid 5096] creat("./bus", 000) = 6
[pid 5096] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5096] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5096] rename("./file1", "./bus") = 0
[ 70.752617][ T5097] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5096] sendfile(4, 5, NULL, 109823) = 109823
[pid 5096] exit_group(0) = ?
[pid 5096] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5098
./strace-static-x86_64: Process 5098 attached
[pid 5098] chdir("./12") = 0
[pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5098] setpgid(0, 0) = 0
[pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5098] write(3, "1000", 4) = 4
[pid 5098] close(3) = 0
[pid 5098] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5098] memfd_create("syzkaller", 0) = 3
[pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5098] munmap(0x7f21325eb000, 2097152) = 0
[pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5098] close(3) = 0
[pid 5098] mkdir("./file0", 0777) = 0
[ 70.912946][ T5098] loop0: detected capacity change from 0 to 4096
[ 70.932761][ T5098] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 70.940857][ T5098] NILFS (loop0): trying rollback from an earlier position
[ 70.956119][ T5098] NILFS (loop0): recovery complete
[pid 5098] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5098] chdir("./file0") = 0
[pid 5098] ioctl(4, LOOP_CLR_FD) = 0
[pid 5098] close(4) = 0
[pid 5098] creat("./bus", 000) = 4
[pid 5098] open("./bus", O_RDONLY) = 5
[pid 5098] creat("./bus", 000) = 6
[pid 5098] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5098] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5098] rename("./file1", "./bus") = 0
[ 70.962462][ T5099] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5098] sendfile(4, 5, NULL, 109823) = 109823
[pid 5098] exit_group(0) = ?
[pid 5098] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5100
./strace-static-x86_64: Process 5100 attached
[pid 5100] chdir("./13") = 0
[pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5100] setpgid(0, 0) = 0
[pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5100] write(3, "1000", 4) = 4
[pid 5100] close(3) = 0
[pid 5100] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5100] memfd_create("syzkaller", 0) = 3
[pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5100] munmap(0x7f21325eb000, 2097152) = 0
[pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5100] close(3) = 0
[pid 5100] mkdir("./file0", 0777) = 0
[ 71.146573][ T5100] loop0: detected capacity change from 0 to 4096
[ 71.165528][ T5100] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 71.173612][ T5100] NILFS (loop0): trying rollback from an earlier position
[ 71.188446][ T5100] NILFS (loop0): recovery complete
[pid 5100] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5100] chdir("./file0") = 0
[pid 5100] ioctl(4, LOOP_CLR_FD) = 0
[pid 5100] close(4) = 0
[pid 5100] creat("./bus", 000) = 4
[pid 5100] open("./bus", O_RDONLY) = 5
[pid 5100] creat("./bus", 000) = 6
[pid 5100] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5100] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5100] rename("./file1", "./bus") = 0
[ 71.194437][ T5101] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5100] sendfile(4, 5, NULL, 109823) = 109823
[pid 5100] exit_group(0) = ?
[pid 5100] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5102
./strace-static-x86_64: Process 5102 attached
[pid 5102] chdir("./14") = 0
[pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5102] setpgid(0, 0) = 0
[pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5102] write(3, "1000", 4) = 4
[pid 5102] close(3) = 0
[pid 5102] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5102] memfd_create("syzkaller", 0) = 3
[pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5102] munmap(0x7f21325eb000, 2097152) = 0
[pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5102] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5102] close(3) = 0
[pid 5102] mkdir("./file0", 0777) = 0
[ 71.368623][ T5102] loop0: detected capacity change from 0 to 4096
[ 71.387909][ T5102] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 71.395987][ T5102] NILFS (loop0): trying rollback from an earlier position
[ 71.410707][ T5102] NILFS (loop0): recovery complete
[pid 5102] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5102] chdir("./file0") = 0
[pid 5102] ioctl(4, LOOP_CLR_FD) = 0
[pid 5102] close(4) = 0
[pid 5102] creat("./bus", 000) = 4
[pid 5102] open("./bus", O_RDONLY) = 5
[pid 5102] creat("./bus", 000) = 6
[pid 5102] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5102] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5102] rename("./file1", "./bus") = 0
[ 71.417044][ T5103] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5102] sendfile(4, 5, NULL, 109823) = 109823
[pid 5102] exit_group(0) = ?
[pid 5102] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./14/binderfs") = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5104
./strace-static-x86_64: Process 5104 attached
[pid 5104] chdir("./15") = 0
[pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5104] setpgid(0, 0) = 0
[pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5104] write(3, "1000", 4) = 4
[pid 5104] close(3) = 0
[pid 5104] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5104] memfd_create("syzkaller", 0) = 3
[pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5104] munmap(0x7f21325eb000, 2097152) = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5104] close(3) = 0
[pid 5104] mkdir("./file0", 0777) = 0
[ 71.593693][ T5104] loop0: detected capacity change from 0 to 4096
[ 71.615369][ T5104] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 71.623682][ T5104] NILFS (loop0): trying rollback from an earlier position
[pid 5104] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5104] chdir("./file0") = 0
[pid 5104] ioctl(4, LOOP_CLR_FD) = 0
[pid 5104] close(4) = 0
[pid 5104] creat("./bus", 000) = 4
[pid 5104] open("./bus", O_RDONLY) = 5
[pid 5104] creat("./bus", 000) = 6
[pid 5104] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5104] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5104] rename("./file1", "./bus") = 0
[ 71.640553][ T5104] NILFS (loop0): recovery complete
[ 71.647030][ T5105] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5104] sendfile(4, 5, NULL, 109823) = 109823
[pid 5104] exit_group(0) = ?
[pid 5104] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5106
./strace-static-x86_64: Process 5106 attached
[pid 5106] chdir("./16") = 0
[pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5106] setpgid(0, 0) = 0
[pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5106] write(3, "1000", 4) = 4
[pid 5106] close(3) = 0
[pid 5106] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5106] memfd_create("syzkaller", 0) = 3
[pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5106] munmap(0x7f21325eb000, 2097152) = 0
[pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5106] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5106] close(3) = 0
[pid 5106] mkdir("./file0", 0777) = 0
[ 71.818656][ T5106] loop0: detected capacity change from 0 to 4096
[ 71.839082][ T5106] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 71.847269][ T5106] NILFS (loop0): trying rollback from an earlier position
[pid 5106] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5106] chdir("./file0") = 0
[pid 5106] ioctl(4, LOOP_CLR_FD) = 0
[pid 5106] close(4) = 0
[pid 5106] creat("./bus", 000) = 4
[pid 5106] open("./bus", O_RDONLY) = 5
[pid 5106] creat("./bus", 000) = 6
[pid 5106] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5106] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5106] rename("./file1", "./bus") = 0
[ 71.864695][ T5106] NILFS (loop0): recovery complete
[ 71.870818][ T5107] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5106] sendfile(4, 5, NULL, 109823) = 109823
[pid 5106] exit_group(0) = ?
[pid 5106] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5108
./strace-static-x86_64: Process 5108 attached
[pid 5108] chdir("./17") = 0
[pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5108] setpgid(0, 0) = 0
[pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5108] write(3, "1000", 4) = 4
[pid 5108] close(3) = 0
[pid 5108] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5108] memfd_create("syzkaller", 0) = 3
[pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5108] munmap(0x7f21325eb000, 2097152) = 0
[pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5108] close(3) = 0
[pid 5108] mkdir("./file0", 0777) = 0
[ 72.052946][ T5108] loop0: detected capacity change from 0 to 4096
[ 72.072937][ T5108] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 72.081048][ T5108] NILFS (loop0): trying rollback from an earlier position
[ 72.096085][ T5108] NILFS (loop0): recovery complete
[pid 5108] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5108] chdir("./file0") = 0
[pid 5108] ioctl(4, LOOP_CLR_FD) = 0
[pid 5108] close(4) = 0
[pid 5108] creat("./bus", 000) = 4
[pid 5108] open("./bus", O_RDONLY) = 5
[pid 5108] creat("./bus", 000) = 6
[pid 5108] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5108] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5108] rename("./file1", "./bus") = 0
[ 72.103084][ T5109] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5108] sendfile(4, 5, NULL, 109823) = 109823
[pid 5108] exit_group(0) = ?
[pid 5108] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} ---
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5110
./strace-static-x86_64: Process 5110 attached
[pid 5110] chdir("./18") = 0
[pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5110] setpgid(0, 0) = 0
[pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5110] write(3, "1000", 4) = 4
[pid 5110] close(3) = 0
[pid 5110] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5110] memfd_create("syzkaller", 0) = 3
[pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5110] munmap(0x7f21325eb000, 2097152) = 0
[pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5110] close(3) = 0
[pid 5110] mkdir("./file0", 0777) = 0
[ 72.359899][ T5110] loop0: detected capacity change from 0 to 4096
[ 72.381096][ T5110] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 72.389604][ T5110] NILFS (loop0): trying rollback from an earlier position
[ 72.404540][ T5110] NILFS (loop0): recovery complete
[pid 5110] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5110] chdir("./file0") = 0
[pid 5110] ioctl(4, LOOP_CLR_FD) = 0
[pid 5110] close(4) = 0
[pid 5110] creat("./bus", 000) = 4
[pid 5110] open("./bus", O_RDONLY) = 5
[pid 5110] creat("./bus", 000) = 6
[pid 5110] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5110] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5110] rename("./file1", "./bus") = 0
[ 72.410484][ T5111] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5110] sendfile(4, 5, NULL, 109823) = 109823
[pid 5110] exit_group(0) = ?
[pid 5110] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5112
./strace-static-x86_64: Process 5112 attached
[pid 5112] chdir("./19") = 0
[pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5112] setpgid(0, 0) = 0
[pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5112] write(3, "1000", 4) = 4
[pid 5112] close(3) = 0
[pid 5112] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5112] memfd_create("syzkaller", 0) = 3
[pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5112] munmap(0x7f21325eb000, 2097152) = 0
[pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5112] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5112] close(3) = 0
[pid 5112] mkdir("./file0", 0777) = 0
[ 72.572962][ T5112] loop0: detected capacity change from 0 to 4096
[ 72.591156][ T5112] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 72.599314][ T5112] NILFS (loop0): trying rollback from an earlier position
[ 72.613973][ T5112] NILFS (loop0): recovery complete
[pid 5112] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5112] chdir("./file0") = 0
[pid 5112] ioctl(4, LOOP_CLR_FD) = 0
[pid 5112] close(4) = 0
[pid 5112] creat("./bus", 000) = 4
[pid 5112] open("./bus", O_RDONLY) = 5
[pid 5112] creat("./bus", 000) = 6
[pid 5112] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5112] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5112] rename("./file1", "./bus") = 0
[ 72.620173][ T5113] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5112] sendfile(4, 5, NULL, 109823) = 109823
[pid 5112] exit_group(0) = ?
[pid 5112] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5114
./strace-static-x86_64: Process 5114 attached
[pid 5114] chdir("./20") = 0
[pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5114] setpgid(0, 0) = 0
[pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5114] write(3, "1000", 4) = 4
[pid 5114] close(3) = 0
[pid 5114] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5114] memfd_create("syzkaller", 0) = 3
[pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5114] munmap(0x7f21325eb000, 2097152) = 0
[pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5114] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5114] close(3) = 0
[pid 5114] mkdir("./file0", 0777) = 0
[ 72.793567][ T5114] loop0: detected capacity change from 0 to 4096
[ 72.813033][ T5114] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 72.821050][ T5114] NILFS (loop0): trying rollback from an earlier position
[ 72.836120][ T5114] NILFS (loop0): recovery complete
[pid 5114] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5114] chdir("./file0") = 0
[pid 5114] ioctl(4, LOOP_CLR_FD) = 0
[pid 5114] close(4) = 0
[pid 5114] creat("./bus", 000) = 4
[pid 5114] open("./bus", O_RDONLY) = 5
[pid 5114] creat("./bus", 000) = 6
[pid 5114] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5114] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5114] rename("./file1", "./bus") = 0
[ 72.842511][ T5115] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5114] sendfile(4, 5, NULL, 109823) = 109823
[pid 5114] exit_group(0) = ?
[pid 5114] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5116
./strace-static-x86_64: Process 5116 attached
[pid 5116] chdir("./21") = 0
[pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5116] setpgid(0, 0) = 0
[pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5116] write(3, "1000", 4) = 4
[pid 5116] close(3) = 0
[pid 5116] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5116] memfd_create("syzkaller", 0) = 3
[pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5116] munmap(0x7f21325eb000, 2097152) = 0
[pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5116] close(3) = 0
[pid 5116] mkdir("./file0", 0777) = 0
[ 73.007785][ T5116] loop0: detected capacity change from 0 to 4096
[ 73.029141][ T5116] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 73.037244][ T5116] NILFS (loop0): trying rollback from an earlier position
[ 73.051554][ T5116] NILFS (loop0): recovery complete
[pid 5116] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5116] chdir("./file0") = 0
[pid 5116] ioctl(4, LOOP_CLR_FD) = 0
[pid 5116] close(4) = 0
[pid 5116] creat("./bus", 000) = 4
[pid 5116] open("./bus", O_RDONLY) = 5
[pid 5116] creat("./bus", 000) = 6
[pid 5116] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5116] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5116] rename("./file1", "./bus") = 0
[ 73.058150][ T5117] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5116] sendfile(4, 5, NULL, 109823) = 109823
[pid 5116] exit_group(0) = ?
[pid 5116] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5118
./strace-static-x86_64: Process 5118 attached
[pid 5118] chdir("./22") = 0
[pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5118] setpgid(0, 0) = 0
[pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5118] write(3, "1000", 4) = 4
[pid 5118] close(3) = 0
[pid 5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5118] memfd_create("syzkaller", 0) = 3
[pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5118] munmap(0x7f21325eb000, 2097152) = 0
[pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5118] close(3) = 0
[pid 5118] mkdir("./file0", 0777) = 0
[ 73.236500][ T5118] loop0: detected capacity change from 0 to 4096
[ 73.253354][ T5118] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 73.261556][ T5118] NILFS (loop0): trying rollback from an earlier position
[ 73.277315][ T5118] NILFS (loop0): recovery complete
[pid 5118] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5118] chdir("./file0") = 0
[pid 5118] ioctl(4, LOOP_CLR_FD) = 0
[pid 5118] close(4) = 0
[pid 5118] creat("./bus", 000) = 4
[pid 5118] open("./bus", O_RDONLY) = 5
[pid 5118] creat("./bus", 000) = 6
[ 73.283528][ T5119] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 73.299522][ T27] kauditd_printk_skb: 34 callbacks suppressed
[ 73.299537][ T27] audit: type=1804 audit(1677522260.115:46): pid=5118 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/22/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5118] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5118] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5118] rename("./file1", "./bus") = 0
[pid 5118] sendfile(4, 5, NULL, 109823) = 109823
[pid 5118] exit_group(0) = ?
[pid 5118] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./22/binderfs") = 0
[ 73.331573][ T27] audit: type=1804 audit(1677522260.155:47): pid=5118 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/22/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5120
./strace-static-x86_64: Process 5120 attached
[pid 5120] chdir("./23") = 0
[pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5120] setpgid(0, 0) = 0
[pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5120] write(3, "1000", 4) = 4
[pid 5120] close(3) = 0
[pid 5120] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5120] memfd_create("syzkaller", 0) = 3
[pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5120] munmap(0x7f21325eb000, 2097152) = 0
[pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5120] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5120] close(3) = 0
[pid 5120] mkdir("./file0", 0777) = 0
[ 73.484223][ T5120] loop0: detected capacity change from 0 to 4096
[ 73.502654][ T5120] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 73.510741][ T5120] NILFS (loop0): trying rollback from an earlier position
[ 73.526099][ T5120] NILFS (loop0): recovery complete
[pid 5120] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5120] chdir("./file0") = 0
[pid 5120] ioctl(4, LOOP_CLR_FD) = 0
[pid 5120] close(4) = 0
[pid 5120] creat("./bus", 000) = 4
[pid 5120] open("./bus", O_RDONLY) = 5
[pid 5120] creat("./bus", 000) = 6
[pid 5120] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5120] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[ 73.532562][ T5121] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 73.554316][ T27] audit: type=1804 audit(1677522260.375:48): pid=5120 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/23/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5120] rename("./file1", "./bus") = 0
[pid 5120] sendfile(4, 5, NULL, 109823) = 109823
[pid 5120] exit_group(0) = ?
[pid 5120] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
[ 73.578207][ T27] audit: type=1804 audit(1677522260.395:49): pid=5120 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/23/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5122
./strace-static-x86_64: Process 5122 attached
[pid 5122] chdir("./24") = 0
[pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5122] setpgid(0, 0) = 0
[pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5122] write(3, "1000", 4) = 4
[pid 5122] close(3) = 0
[pid 5122] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5122] memfd_create("syzkaller", 0) = 3
[pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5122] munmap(0x7f21325eb000, 2097152) = 0
[pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5122] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5122] close(3) = 0
[pid 5122] mkdir("./file0", 0777) = 0
[ 73.710348][ T5122] loop0: detected capacity change from 0 to 4096
[ 73.730159][ T5122] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 73.738345][ T5122] NILFS (loop0): trying rollback from an earlier position
[pid 5122] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5122] chdir("./file0") = 0
[pid 5122] ioctl(4, LOOP_CLR_FD) = 0
[pid 5122] close(4) = 0
[pid 5122] creat("./bus", 000) = 4
[pid 5122] open("./bus", O_RDONLY) = 5
[pid 5122] creat("./bus", 000) = 6
[pid 5122] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5122] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[ 73.755883][ T5122] NILFS (loop0): recovery complete
[ 73.771619][ T5123] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5122] rename("./file1", "./bus") = 0
[pid 5122] sendfile(4, 5, NULL, 109823) = 109823
[pid 5122] exit_group(0) = ?
[pid 5122] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 73.789681][ T27] audit: type=1804 audit(1677522260.605:50): pid=5122 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/24/file0/bus" dev="loop0" ino=12 res=1 errno=0
[ 73.813180][ T27] audit: type=1804 audit(1677522260.615:51): pid=5122 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/24/file0/bus" dev="loop0" ino=12 res=1 errno=0
unlink("./24/binderfs") = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5124
./strace-static-x86_64: Process 5124 attached
[pid 5124] chdir("./25") = 0
[pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5124] setpgid(0, 0) = 0
[pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5124] write(3, "1000", 4) = 4
[pid 5124] close(3) = 0
[pid 5124] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5124] memfd_create("syzkaller", 0) = 3
[pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5124] munmap(0x7f21325eb000, 2097152) = 0
[pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5124] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5124] close(3) = 0
[pid 5124] mkdir("./file0", 0777) = 0
[ 73.963125][ T5124] loop0: detected capacity change from 0 to 4096
[ 73.981101][ T5124] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 73.989519][ T5124] NILFS (loop0): trying rollback from an earlier position
[ 74.004531][ T5124] NILFS (loop0): recovery complete
[pid 5124] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5124] chdir("./file0") = 0
[pid 5124] ioctl(4, LOOP_CLR_FD) = 0
[pid 5124] close(4) = 0
[pid 5124] creat("./bus", 000) = 4
[pid 5124] open("./bus", O_RDONLY) = 5
[pid 5124] creat("./bus", 000) = 6
[ 74.011025][ T5125] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 74.037811][ T27] audit: type=1804 audit(1677522260.855:52): pid=5124 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/25/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5124] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5124] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5124] rename("./file1", "./bus") = 0
[pid 5124] sendfile(4, 5, NULL, 109823) = 109823
[pid 5124] exit_group(0) = ?
[pid 5124] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./25/binderfs") = 0
[ 74.060834][ T27] audit: type=1804 audit(1677522260.865:53): pid=5124 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/25/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5126
./strace-static-x86_64: Process 5126 attached
[pid 5126] chdir("./26") = 0
[pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5126] setpgid(0, 0) = 0
[pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5126] write(3, "1000", 4) = 4
[pid 5126] close(3) = 0
[pid 5126] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5126] memfd_create("syzkaller", 0) = 3
[pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5126] munmap(0x7f21325eb000, 2097152) = 0
[pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5126] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5126] close(3) = 0
[pid 5126] mkdir("./file0", 0777) = 0
[ 74.201340][ T5126] loop0: detected capacity change from 0 to 4096
[ 74.219678][ T5126] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 74.228557][ T5126] NILFS (loop0): trying rollback from an earlier position
[ 74.243482][ T5126] NILFS (loop0): recovery complete
[pid 5126] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5126] chdir("./file0") = 0
[pid 5126] ioctl(4, LOOP_CLR_FD) = 0
[pid 5126] close(4) = 0
[pid 5126] creat("./bus", 000) = 4
[pid 5126] open("./bus", O_RDONLY) = 5
[pid 5126] creat("./bus", 000) = 6
[ 74.249949][ T5127] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 74.277002][ T27] audit: type=1804 audit(1677522261.095:54): pid=5126 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor350" name="/root/syzkaller.p0aSFK/26/file0/bus" dev="loop0" ino=12 res=1 errno=0
[pid 5126] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5126] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5126] rename("./file1", "./bus") = 0
[pid 5126] sendfile(4, 5, NULL, 109823) = 109823
[pid 5126] exit_group(0) = ?
[pid 5126] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
[ 74.299499][ T27] audit: type=1804 audit(1677522261.105:55): pid=5126 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor350" name="/root/syzkaller.p0aSFK/26/file0/bus" dev="loop0" ino=12 res=1 errno=0
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./26/binderfs") = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached
<unfinished ...>
[pid 5128] chdir("./27") = 0
[pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5128] setpgid(0, 0) = 0
[pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5128] write(3, "1000", 4) = 4
[pid 5128] close(3) = 0
[pid 5128] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5128] memfd_create("syzkaller", 0) = 3
[pid 5072] <... clone resumed>, child_tidptr=0x5555563ea5d0) = 5128
[pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5128] munmap(0x7f21325eb000, 2097152) = 0
[pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5128] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5128] close(3) = 0
[pid 5128] mkdir("./file0", 0777) = 0
[ 74.461761][ T5128] loop0: detected capacity change from 0 to 4096
[ 74.480935][ T5128] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 74.489117][ T5128] NILFS (loop0): trying rollback from an earlier position
[ 74.503303][ T5128] NILFS (loop0): recovery complete
[pid 5128] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5128] chdir("./file0") = 0
[pid 5128] ioctl(4, LOOP_CLR_FD) = 0
[pid 5128] close(4) = 0
[pid 5128] creat("./bus", 000) = 4
[pid 5128] open("./bus", O_RDONLY) = 5
[pid 5128] creat("./bus", 000) = 6
[pid 5128] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5128] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5128] rename("./file1", "./bus") = 0
[ 74.509380][ T5129] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5128] sendfile(4, 5, NULL, 109823) = 109823
[pid 5128] exit_group(0) = ?
[pid 5128] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./27/binderfs") = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5130
./strace-static-x86_64: Process 5130 attached
[pid 5130] chdir("./28") = 0
[pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5130] setpgid(0, 0) = 0
[pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5130] write(3, "1000", 4) = 4
[pid 5130] close(3) = 0
[pid 5130] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5130] memfd_create("syzkaller", 0) = 3
[pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5130] munmap(0x7f21325eb000, 2097152) = 0
[pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5130] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5130] close(3) = 0
[pid 5130] mkdir("./file0", 0777) = 0
[ 74.681984][ T5130] loop0: detected capacity change from 0 to 4096
[ 74.698383][ T5130] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 74.706465][ T5130] NILFS (loop0): trying rollback from an earlier position
[ 74.725339][ T5130] NILFS (loop0): recovery complete
[pid 5130] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5130] chdir("./file0") = 0
[pid 5130] ioctl(4, LOOP_CLR_FD) = 0
[pid 5130] close(4) = 0
[pid 5130] creat("./bus", 000) = 4
[pid 5130] open("./bus", O_RDONLY) = 5
[pid 5130] creat("./bus", 000) = 6
[pid 5130] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5130] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5130] rename("./file1", "./bus") = 0
[pid 5130] sendfile(4, 5, NULL, 109823) = 109823
[ 74.731783][ T5131] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5130] exit_group(0) = ?
[pid 5130] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./28/binderfs") = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5132
./strace-static-x86_64: Process 5132 attached
[pid 5132] chdir("./29") = 0
[pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5132] setpgid(0, 0) = 0
[pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5132] write(3, "1000", 4) = 4
[pid 5132] close(3) = 0
[pid 5132] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5132] memfd_create("syzkaller", 0) = 3
[pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5132] munmap(0x7f21325eb000, 2097152) = 0
[pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5132] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5132] close(3) = 0
[pid 5132] mkdir("./file0", 0777) = 0
[ 74.890518][ T5132] loop0: detected capacity change from 0 to 4096
[ 74.909789][ T5132] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 74.917892][ T5132] NILFS (loop0): trying rollback from an earlier position
[ 74.932966][ T5132] NILFS (loop0): recovery complete
[pid 5132] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5132] chdir("./file0") = 0
[pid 5132] ioctl(4, LOOP_CLR_FD) = 0
[pid 5132] close(4) = 0
[pid 5132] creat("./bus", 000) = 4
[pid 5132] open("./bus", O_RDONLY) = 5
[pid 5132] creat("./bus", 000) = 6
[pid 5132] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5132] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5132] rename("./file1", "./bus") = 0
[ 74.939220][ T5133] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5132] sendfile(4, 5, NULL, 109823) = 109823
[pid 5132] exit_group(0) = ?
[pid 5132] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./29/binderfs") = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5134 attached
, child_tidptr=0x5555563ea5d0) = 5134
[pid 5134] chdir("./30") = 0
[pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5134] setpgid(0, 0) = 0
[pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5134] write(3, "1000", 4) = 4
[pid 5134] close(3) = 0
[pid 5134] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5134] memfd_create("syzkaller", 0) = 3
[pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5134] munmap(0x7f21325eb000, 2097152) = 0
[pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5134] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5134] close(3) = 0
[pid 5134] mkdir("./file0", 0777) = 0
[ 75.116512][ T5134] loop0: detected capacity change from 0 to 4096
[ 75.136898][ T5134] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 75.145064][ T5134] NILFS (loop0): trying rollback from an earlier position
[pid 5134] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5134] chdir("./file0") = 0
[pid 5134] ioctl(4, LOOP_CLR_FD) = 0
[pid 5134] close(4) = 0
[pid 5134] creat("./bus", 000) = 4
[pid 5134] open("./bus", O_RDONLY) = 5
[pid 5134] creat("./bus", 000) = 6
[pid 5134] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5134] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5134] rename("./file1", "./bus") = 0
[ 75.163672][ T5134] NILFS (loop0): recovery complete
[ 75.170889][ T5135] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5134] sendfile(4, 5, NULL, 109823) = 109823
[pid 5134] exit_group(0) = ?
[pid 5134] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5136
./strace-static-x86_64: Process 5136 attached
[pid 5136] chdir("./31") = 0
[pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5136] setpgid(0, 0) = 0
[pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5136] write(3, "1000", 4) = 4
[pid 5136] close(3) = 0
[pid 5136] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5136] memfd_create("syzkaller", 0) = 3
[pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5136] munmap(0x7f21325eb000, 2097152) = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5136] close(3) = 0
[pid 5136] mkdir("./file0", 0777) = 0
[ 75.355846][ T5136] loop0: detected capacity change from 0 to 4096
[ 75.372209][ T5136] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 75.380236][ T5136] NILFS (loop0): trying rollback from an earlier position
[ 75.395017][ T5136] NILFS (loop0): recovery complete
[pid 5136] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5136] chdir("./file0") = 0
[pid 5136] ioctl(4, LOOP_CLR_FD) = 0
[pid 5136] close(4) = 0
[pid 5136] creat("./bus", 000) = 4
[pid 5136] open("./bus", O_RDONLY) = 5
[pid 5136] creat("./bus", 000) = 6
[pid 5136] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5136] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[ 75.400913][ T5137] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5136] rename("./file1", "./bus") = 0
[pid 5136] sendfile(4, 5, NULL, 109823) = 109823
[pid 5136] exit_group(0) = ?
[pid 5136] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} ---
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./31/binderfs") = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5138
./strace-static-x86_64: Process 5138 attached
[pid 5138] chdir("./32") = 0
[pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5138] setpgid(0, 0) = 0
[pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5138] write(3, "1000", 4) = 4
[pid 5138] close(3) = 0
[pid 5138] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5138] memfd_create("syzkaller", 0) = 3
[pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5138] munmap(0x7f21325eb000, 2097152) = 0
[pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5138] close(3) = 0
[pid 5138] mkdir("./file0", 0777) = 0
[ 75.577188][ T5138] loop0: detected capacity change from 0 to 4096
[ 75.593752][ T5138] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 75.601834][ T5138] NILFS (loop0): trying rollback from an earlier position
[ 75.616314][ T5138] NILFS (loop0): recovery complete
[pid 5138] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5138] chdir("./file0") = 0
[pid 5138] ioctl(4, LOOP_CLR_FD) = 0
[pid 5138] close(4) = 0
[pid 5138] creat("./bus", 000) = 4
[pid 5138] open("./bus", O_RDONLY) = 5
[pid 5138] creat("./bus", 000) = 6
[pid 5138] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5138] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5138] rename("./file1", "./bus") = 0
[ 75.622279][ T5139] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5138] sendfile(4, 5, NULL, 109823) = 109823
[pid 5138] exit_group(0) = ?
[pid 5138] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} ---
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./32/binderfs") = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5140
./strace-static-x86_64: Process 5140 attached
[pid 5140] chdir("./33") = 0
[pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5140] setpgid(0, 0) = 0
[pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5140] write(3, "1000", 4) = 4
[pid 5140] close(3) = 0
[pid 5140] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5140] memfd_create("syzkaller", 0) = 3
[pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5140] munmap(0x7f21325eb000, 2097152) = 0
[pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5140] close(3) = 0
[pid 5140] mkdir("./file0", 0777) = 0
[ 75.801711][ T5140] loop0: detected capacity change from 0 to 4096
[ 75.820948][ T5140] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 75.829063][ T5140] NILFS (loop0): trying rollback from an earlier position
[ 75.845160][ T5140] NILFS (loop0): recovery complete
[pid 5140] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5140] chdir("./file0") = 0
[pid 5140] ioctl(4, LOOP_CLR_FD) = 0
[pid 5140] close(4) = 0
[pid 5140] creat("./bus", 000) = 4
[pid 5140] open("./bus", O_RDONLY) = 5
[pid 5140] creat("./bus", 000) = 6
[pid 5140] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5140] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5140] rename("./file1", "./bus") = 0
[ 75.851784][ T5141] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5140] sendfile(4, 5, NULL, 109823) = 109823
[pid 5140] exit_group(0) = ?
[pid 5140] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5142
./strace-static-x86_64: Process 5142 attached
[pid 5142] chdir("./34") = 0
[pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5142] setpgid(0, 0) = 0
[pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5142] write(3, "1000", 4) = 4
[pid 5142] close(3) = 0
[pid 5142] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5142] memfd_create("syzkaller", 0) = 3
[pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5142] munmap(0x7f21325eb000, 2097152) = 0
[pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5142] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5142] close(3) = 0
[pid 5142] mkdir("./file0", 0777) = 0
[ 76.027931][ T5142] loop0: detected capacity change from 0 to 4096
[ 76.049360][ T5142] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 76.057529][ T5142] NILFS (loop0): trying rollback from an earlier position
[pid 5142] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5142] chdir("./file0") = 0
[pid 5142] ioctl(4, LOOP_CLR_FD) = 0
[pid 5142] close(4) = 0
[pid 5142] creat("./bus", 000) = 4
[pid 5142] open("./bus", O_RDONLY) = 5
[pid 5142] creat("./bus", 000) = 6
[pid 5142] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5142] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5142] rename("./file1", "./bus") = 0
[ 76.074927][ T5142] NILFS (loop0): recovery complete
[ 76.080888][ T5143] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5142] sendfile(4, 5, NULL, 109823) = 109823
[pid 5142] exit_group(0) = ?
[pid 5142] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./34/binderfs") = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x5555563f3660 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555563f3660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x5555563eb620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555563ea5d0) = 5144
./strace-static-x86_64: Process 5144 attached
[pid 5144] chdir("./35") = 0
[pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5144] setpgid(0, 0) = 0
[pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5144] write(3, "1000", 4) = 4
[pid 5144] close(3) = 0
[pid 5144] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5144] memfd_create("syzkaller", 0) = 3
[pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f21325eb000
[pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 2097152) = 2097152
[pid 5144] munmap(0x7f21325eb000, 2097152) = 0
[pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5144] close(3) = 0
[pid 5144] mkdir("./file0", 0777) = 0
[ 76.238014][ T5144] loop0: detected capacity change from 0 to 4096
[ 76.274936][ T5144] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 76.283622][ T5144] NILFS (loop0): trying rollback from an earlier position
[pid 5144] mount("/dev/loop0", "./file0", "nilfs2", MS_NOEXEC|MS_SYNCHRONOUS|MS_POSIXACL, "") = 0
[pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5144] chdir("./file0") = 0
[pid 5144] ioctl(4, LOOP_CLR_FD) = 0
[pid 5144] close(4) = 0
[ 76.310483][ T5144] NILFS (loop0): recovery complete
[pid 5144] creat("./bus", 000) = 4
[pid 5144] open("./bus", O_RDONLY) = 5
[pid 5144] creat("./bus", 000) = 6
[pid 5144] open("./file1", O_RDONLY|O_CREAT|O_LARGEFILE|O_DIRECTORY|FASYNC, 0500) = -1 ENOTDIR (Not a directory)
[pid 5144] pwritev2(6, [{iov_base=")", iov_len=1}], 1, 117443584, 0) = 1
[pid 5144] rename("./file1", "./bus") = 0
[ 76.334365][ T5145] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[pid 5144] sendfile(4, 5, NULL, 109823) = 109823
[pid 5144] exit_group(0) = ?
[pid 5144] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} ---
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x5555563eb620 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./35/binderfs") = 0
[ 81.353165][ T897] cfg80211: failed to load regulatory.db
[ 286.152035][ T28] INFO: task syz-executor350:5072 blocked for more than 143 seconds.
[ 286.160226][ T28] Not tainted 6.2.0-syzkaller-12485-gf3a2439f20d9 #0
[ 286.167684][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.176441][ T28] task:syz-executor350 state:D stack:22120 pid:5072 ppid:5069 flags:0x00004002
[ 286.185759][ T28] Call Trace:
[ 286.189064][ T28] <TASK>
[ 286.192061][ T28] __schedule+0x17d8/0x4990
[ 286.196717][ T28] ? look_up_lock_class+0x77/0x140
[ 286.202002][ T28] ? release_firmware_map_entry+0x190/0x190
[ 286.207922][ T28] ? rcu_read_lock_sched_held+0x8d/0x130
[ 286.213665][ T28] ? mark_lock+0x9a/0x340
[ 286.218031][ T28] schedule+0xc3/0x180
[ 286.222186][ T28] schedule_timeout+0xb0/0x310
[ 286.226992][ T28] ? console_conditional_schedule+0x40/0x40
[ 286.232967][ T28] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[ 286.238987][ T28] ? do_raw_spin_unlock+0x13b/0x8b0
[ 286.244268][ T28] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.249523][ T28] ? lockdep_hardirqs_on+0x98/0x140
[ 286.254800][ T28] do_wait_for_common+0x449/0x5f0
[ 286.259870][ T28] ? console_conditional_schedule+0x40/0x40
[ 286.265895][ T28] ? bit_wait_io_timeout+0x120/0x120
[ 286.271217][ T28] ? _raw_spin_lock_irq+0xdf/0x120
[ 286.276466][ T28] ? start_flush_work+0x77c/0x830
[ 286.281572][ T28] wait_for_completion+0x4a/0x60
[ 286.286526][ T28] __flush_work+0x130/0x1b0
[ 286.291054][ T28] ? flush_work+0x20/0x20
[ 286.295500][ T28] ? start_flush_work+0x830/0x830
[ 286.300596][ T28] ? do_raw_spin_unlock+0x13b/0x8b0
[ 286.305903][ T28] ? finish_wait+0xcd/0x1e0
[ 286.310449][ T28] nilfs_detach_log_writer+0x4a4/0xbd0
[ 286.316000][ T28] ? __might_sleep+0xc0/0xc0
[ 286.320767][ T28] ? nilfs_attach_log_writer+0x8b0/0x8b0
[ 286.326511][ T28] ? hook_sb_delete+0xa07/0xb30
[ 286.331460][ T28] ? wake_bit_function+0x220/0x220
[ 286.336598][ T28] ? hook_inode_free_security+0xb0/0xb0
[ 286.342223][ T28] ? clear_inode+0x150/0x150
[ 286.346848][ T28] ? nilfs_free_inode+0x70/0x70
[ 286.351772][ T28] nilfs_put_super+0x4f/0x150
[ 286.356492][ T28] ? nilfs_free_inode+0x70/0x70
[ 286.361423][ T28] generic_shutdown_super+0x134/0x340
[ 286.366829][ T28] kill_block_super+0x7e/0xe0
[ 286.371597][ T28] deactivate_locked_super+0xa4/0x110
[ 286.376998][ T28] cleanup_mnt+0x490/0x520
[ 286.381490][ T28] ? lockdep_hardirqs_on+0x98/0x140
[ 286.386730][ T28] task_work_run+0x24a/0x300
[ 286.391629][ T28] ? dput+0x3a1/0x420
[ 286.395858][ T28] ? task_work_cancel+0x2b0/0x2b0
[ 286.402413][ T28] ptrace_notify+0x2cd/0x380
[ 286.407052][ T28] ? do_notify_parent+0xf50/0xf50
[ 286.412159][ T28] ? user_path_at_empty+0x12f/0x180
[ 286.417410][ T28] ? __x64_sys_umount+0x126/0x170
[ 286.422533][ T28] ? path_umount+0xef0/0xef0
[ 286.427167][ T28] ? syscall_enter_from_user_mode+0x32/0x2c0
[ 286.433258][ T28] syscall_exit_to_user_mode+0x17a/0x2e0
[ 286.439035][ T28] do_syscall_64+0x4d/0xc0
[ 286.443560][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 286.449515][ T28] RIP: 0033:0x7f213aa39e07
[ 286.454013][ T28] RSP: 002b:00007ffead117e58 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6
[ 286.462601][ T28] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f213aa39e07
[ 286.470603][ T28] RDX: 00007ffead117f1a RSI: 000000000000000a RDI: 00007ffead117f10
[ 286.478707][ T28] RBP: 00007ffead117f10 R08: 00000000ffffffff R09: 00007ffead117cf0
[ 286.486770][ T28] R10: 00005555563eb653 R11: 0000000000000202 R12: 00007ffead118f80
[ 286.494811][ T28] R13: 00005555563eb5f0 R14: 00007ffead117e80 R15: 0000000000000024
[ 286.502877][ T28] </TASK>
[ 286.505919][ T28]
[ 286.505919][ T28] Showing all locks held in the system:
[ 286.513725][ T28] 3 locks held by kworker/0:0/7:
[ 286.518693][ T28] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x77f/0x13a0
[ 286.529181][ T28] #1: ffffc900000c7d20 ((work_completion)(&sci->sc_iput_work)){+.+.}-{0:0}, at: process_one_work+0x7c6/0x13a0
[ 286.541077][ T28] #2: ffff888028788650 (sb_internal#2){.+.+}-{0:0}, at: nilfs_evict_inode+0x166/0x420
[ 286.550874][ T28] 1 lock held by rcu_tasks_kthre/12:
[ 286.556286][ T28] #0: ffffffff8d127c70 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xd20
[ 286.566936][ T28] 1 lock held by rcu_tasks_trace/13:
[ 286.572310][ T28] #0: ffffffff8d128470 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xd20
[ 286.583370][ T28] 1 lock held by khungtaskd/28:
[ 286.588238][ T28] #0: ffffffff8d127aa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[ 286.597696][ T28] 2 locks held by getty/4748:
[ 286.602417][ T28] #0: ffff88802d371098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 286.612243][ T28] #1: ffffc900015802f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ab/0x1db0
[ 286.622434][ T28] 1 lock held by syz-executor350/5072:
[ 286.627893][ T28] #0: ffff8880287880e0 (&type->s_umount_key#43){+.+.}-{3:3}, at: deactivate_super+0xad/0xf0
[ 286.638270][ T28]
[ 286.640630][ T28] =============================================
[ 286.640630][ T28]
[ 286.649126][ T28] NMI backtrace for cpu 1
[ 286.653474][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-syzkaller-12485-gf3a2439f20d9 #0
[ 286.662949][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 286.673015][ T28] Call Trace:
[ 286.676303][ T28] <TASK>
[ 286.679240][ T28] dump_stack_lvl+0x1e7/0x2d0
[ 286.683930][ T28] ? nf_tcp_handle_invalid+0x650/0x650
[ 286.689483][ T28] ? panic+0x770/0x770
[ 286.693554][ T28] ? tick_nohz_tick_stopped+0x7b/0xb0
[ 286.699026][ T28] nmi_cpu_backtrace+0x4e5/0x560
[ 286.703983][ T28] ? vprintk_emit+0x10d/0x1f0
[ 286.708686][ T28] ? nmi_trigger_cpumask_backtrace+0x410/0x410
[ 286.714850][ T28] ? _printk+0xd5/0x120
[ 286.719025][ T28] ? panic+0x770/0x770
[ 286.723118][ T28] ? __wake_up_klogd+0xcc/0x100
[ 286.728068][ T28] ? panic+0x770/0x770
[ 286.732147][ T28] ? __rcu_read_unlock+0x96/0x100
[ 286.737189][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 286.743263][ T28] nmi_trigger_cpumask_backtrace+0x1b4/0x410
[ 286.749263][ T28] watchdog+0x1024/0x1070
[ 286.753616][ T28] kthread+0x270/0x300
[ 286.757695][ T28] ? hungtask_pm_notify+0x90/0x90
[ 286.762737][ T28] ? kthread_blkcg+0xd0/0xd0
[ 286.767345][ T28] ret_from_fork+0x1f/0x30
[ 286.771794][ T28] </TASK>
[ 286.774931][ T28] Sending NMI from CPU 1 to CPUs 0:
[ 286.780292][ C0] NMI backtrace for cpu 0
[ 286.780302][ C0] CPU: 0 PID: 11 Comm: kworker/u4:1 Not tainted 6.2.0-syzkaller-12485-gf3a2439f20d9 #0
[ 286.780319][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 286.780329][ C0] Workqueue: events_unbound toggle_allocation_gate
[ 286.780351][ C0] RIP: 0010:lock_is_held_type+0xaf/0x190
[ 286.780371][ C0] Code: 0a 00 00 00 7e 47 4c 89 ed 48 81 c5 38 0a 00 00 31 db 48 83 fb 31 73 24 48 89 ef 4c 89 fe e8 28 02 00 00 85 c0 75 2a 48 ff c3 <49> 63 85 30 0a 00 00 48 83 c5 28 48 39 c3 7c d8 eb 11 48 c7 c7 e0
[ 286.780384][ C0] RSP: 0018:ffffc900001075f8 EFLAGS: 00000002
[ 286.780396][ C0] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000080000002
[ 286.780406][ C0] RDX: 0000000000000000 RSI: ffffffff8d127a20 RDI: ffff8880167f44e0
[ 286.780417][ C0] RBP: ffff8880167f44e0 R08: dffffc0000000000 R09: fffffbfff1ce8fe6
[ 286.780428][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000246
[ 286.780438][ C0] R13: ffff8880167f3a80 R14: 00000000ffffffff R15: ffffffff8d127a20
[ 286.780449][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 286.780462][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 286.780472][ C0] CR2: 0000561e13f9e600 CR3: 000000000cf30000 CR4: 00000000003506f0
[ 286.780486][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 286.780495][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 286.780504][ C0] Call Trace:
[ 286.780508][ C0] <TASK>
[ 286.780515][ C0] ? __text_poke+0x88b/0xa00
[ 286.780537][ C0] rcu_read_lock_sched_held+0x8d/0x130
[ 286.780562][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 286.780590][ C0] ? rcu_read_lock_sched_held+0x8d/0x130
[ 286.780616][ C0] lock_release+0x10f/0xab0
[ 286.780634][ C0] ? mark_lock+0x9a/0x340
[ 286.780649][ C0] ? __lock_acquire+0x1f80/0x1f80
[ 286.780664][ C0] ? lockdep_hardirqs_on_prepare+0x43c/0x7a0
[ 286.780681][ C0] ? print_irqtrace_events+0x220/0x220
[ 286.780698][ C0] ? kmem_cache_alloc+0x63/0x280
[ 286.780723][ C0] _raw_spin_unlock+0x16/0x40
[ 286.780747][ C0] __text_poke+0x88b/0xa00
[ 286.780768][ C0] ? kmem_cache_alloc+0x63/0x280
[ 286.780792][ C0] ? __text_poke+0xa00/0xa00
[ 286.780813][ C0] ? text_poke+0x90/0x90
[ 286.780832][ C0] ? kmem_cache_alloc_bulk+0xe3/0x4c0
[ 286.780847][ C0] ? perf_event_text_poke+0x258/0x330
[ 286.780870][ C0] ? perf_event_bpf_output+0x2e0/0x2e0
[ 286.780892][ C0] ? trace_contention_end+0x80/0x1e0
[ 286.780919][ C0] text_poke_bp_batch+0x66f/0x950
[ 286.780944][ C0] ? kmem_cache_alloc_bulk+0xe4/0x4c0
[ 286.780959][ C0] ? text_poke_loc_init+0x680/0x680
[ 286.780982][ C0] ? arch_jump_label_transform_queue+0x81/0xd0
[ 286.781004][ C0] text_poke_finish+0x1a/0x30
[ 286.781024][ C0] arch_jump_label_transform_apply+0x17/0x30
[ 286.781042][ C0] static_key_disable_cpuslocked+0xce/0x1b0
[ 286.781067][ C0] static_key_disable+0x1a/0x20
[ 286.781089][ C0] toggle_allocation_gate+0x1b8/0x250
[ 286.781105][ C0] ? virt_to_slab+0x2b0/0x2b0
[ 286.781120][ C0] ? wake_bit_function+0x220/0x220
[ 286.781135][ C0] ? __bpf_trace_rcu_stall_warning+0x10/0x10
[ 286.781160][ C0] ? do_raw_spin_unlock+0x13b/0x8b0
[ 286.781179][ C0] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.781205][ C0] process_one_work+0x915/0x13a0
[ 286.781238][ C0] ? worker_detach_from_pool+0x290/0x290
[ 286.781259][ C0] ? _raw_spin_lock_irqsave+0x120/0x120
[ 286.781282][ C0] ? kthread_data+0x52/0xc0
[ 286.781304][ C0] ? wq_worker_running+0x9b/0x1a0
[ 286.781323][ C0] worker_thread+0xa63/0x1210
[ 286.781357][ C0] kthread+0x270/0x300
[ 286.781373][ C0] ? pr_cont_work+0x5e0/0x5e0
[ 286.781391][ C0] ? kthread_blkcg+0xd0/0xd0
[ 286.781407][ C0] ret_from_fork+0x1f/0x30
[ 286.781435][ C0] </TASK>
[ 286.781441][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.150 msecs
[ 286.782297][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 286.782309][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-syzkaller-12485-gf3a2439f20d9 #0
[ 286.782331][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
[ 286.782343][ T28] Call Trace:
[ 286.782350][ T28] <TASK>
[ 286.782359][ T28] dump_stack_lvl+0x1e7/0x2d0
[ 286.782397][ T28] ? nf_tcp_handle_invalid+0x650/0x650
[ 286.782428][ T28] ? vsnprintf+0x17f/0x1d80
[ 286.782454][ T28] ? panic+0x770/0x770
[ 286.782487][ T28] ? vscnprintf+0x5d/0x80
[ 286.782518][ T28] panic+0x31c/0x770
[ 286.782541][ T28] ? schedule_preempt_disabled+0x20/0x20
[ 286.782569][ T28] ? nmi_trigger_cpumask_backtrace+0x2d1/0x410
[ 286.782593][ T28] ? memcpy_page_flushcache+0x100/0x100
[ 286.782627][ T28] ? nmi_trigger_cpumask_backtrace+0x2d1/0x410
[ 286.782648][ T28] ? nmi_trigger_cpumask_backtrace+0x356/0x410
[ 286.782673][ T28] ? nmi_trigger_cpumask_backtrace+0x35b/0x410
[ 286.782700][ T28] watchdog+0x1062/0x1070
[ 286.782748][ T28] kthread+0x270/0x300
[ 286.782769][ T28] ? hungtask_pm_notify+0x90/0x90
[ 286.782790][ T28] ? kthread_blkcg+0xd0/0xd0
[ 286.782815][ T28] ret_from_fork+0x1f/0x30
[ 286.782863][ T28] </TASK>
[ 286.786127][ T28] Kernel Offset: disabled
[ 287.284024][ T28] Rebooting in 86400 seconds..