./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor130321137 <...> Warning: Permanently added '10.128.1.21' (ED25519) to the list of known hosts. execve("./syz-executor130321137", ["./syz-executor130321137"], 0x7ffce1d4c540 /* 10 vars */) = 0 brk(NULL) = 0x55557f749000 brk(0x55557f749e00) = 0x55557f749e00 arch_prctl(ARCH_SET_FS, 0x55557f749480) = 0 set_tid_address(0x55557f749750) = 290 set_robust_list(0x55557f749760, 24) = 0 rseq(0x55557f749da0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor130321137", 4096) = 27 getrandom("\x88\xd2\x65\x0e\xb2\xc0\xd1\x4a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557f749e00 brk(0x55557f76ae00) = 0x55557f76ae00 brk(0x55557f76b000) = 0x55557f76b000 mprotect(0x7f83827f7000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f8382735a30, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f8382735a30, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program , child_tidptr=0x55557f749750) = 291 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 292 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 293 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 294 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 295 ./strace-static-x86_64: Process 295 attached [pid 295] set_robust_list(0x55557f749760, 24) = 0 [pid 295] mkdir("./syzkaller.pqSel9", 0700) = 0 [pid 295] chmod("./syzkaller.pqSel9", 0777) = 0 [pid 295] chdir("./syzkaller.pqSel9") = 0 [pid 295] mkdir("./0", 0777) = 0 ./strace-static-x86_64: Process 294 attached [pid 294] set_robust_list(0x55557f749760, 24) = 0 [pid 294] mkdir("./syzkaller.VBoWq1", 0700 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 294] <... mkdir resumed>) = 0 [pid 295] ioctl(3, LOOP_CLR_FD [pid 294] chmod("./syzkaller.VBoWq1", 0777 [pid 295] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] <... chmod resumed>) = 0 [pid 294] chdir("./syzkaller.VBoWq1") = 0 [pid 294] mkdir("./0", 0777 [pid 295] close(3) = 0 [pid 294] <... mkdir resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... clone resumed>, child_tidptr=0x55557f749750) = 296 [pid 294] <... clone resumed>, child_tidptr=0x55557f749750) = 297 ./strace-static-x86_64: Process 296 attached [pid 296] set_robust_list(0x55557f749760, 24) = 0 [pid 296] chdir("./0") = 0 [pid 296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 296] setpgid(0, 0) = 0 [pid 296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 296] write(3, "1000", 4) = 4 [pid 296] close(3) = 0 [pid 296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 296] write(1, "executing program\n", 18) = 18 [pid 296] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 296] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 296] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 296] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 296] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 296] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[298]}, 88) = 298 [pid 296] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 298 attached [pid 298] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 298] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 298] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] memfd_create("syzkaller", 0) = 4 [pid 298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 ./strace-static-x86_64: Process 297 attached [pid 297] set_robust_list(0x55557f749760, 24) = 0 [pid 297] chdir("./0") = 0 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 297] setpgid(0, 0) = 0 [pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "1000", 4) = 4 [pid 297] close(3) = 0 [pid 297] symlink("/dev/binderfs", "./binderfs") = 0 [pid 297] write(1, "executing program\n", 18executing program ) = 18 [pid 297] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 297] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 297] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 297] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 297] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 ./strace-static-x86_64: Process 291 attached [pid 297] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0}./strace-static-x86_64: Process 292 attached => {parent_tid=[301]}, 88) = 301 [pid 297] rt_sigprocmask(SIG_SETMASK, [], [ 29.052727][ T28] audit: type=1400 audit(1749595026.614:64): avc: denied { execmem } for pid=290 comm="syz-executor130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 292] set_robust_list(0x55557f749760, 24 [pid 291] set_robust_list(0x55557f749760, 24./strace-static-x86_64: Process 293 attached [pid 297] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 292] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 301 attached [pid 301] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 291] <... set_robust_list resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] set_robust_list(0x55557f749760, 24 [pid 292] mkdir("./syzkaller.dS10Br", 0700 [pid 301] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = 1 [pid 301] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 291] mkdir("./syzkaller.zhRvN7", 0700 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... set_robust_list resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] mkdir("./syzkaller.PJld9O", 0700 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 292] <... mkdir resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... mkdir resumed>) = 0 [pid 297] <... futex resumed>) = 1 [pid 301] <... futex resumed>) = 0 [pid 301] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] <... mkdir resumed>) = 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] chmod("./syzkaller.zhRvN7", 0777 [pid 293] chmod("./syzkaller.PJld9O", 0777 [pid 292] chmod("./syzkaller.dS10Br", 0777 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... chmod resumed>) = 0 [pid 297] <... futex resumed>) = 1 [pid 301] <... futex resumed>) = 0 [pid 301] bpf(BPF_PROG_LOAD, NULL, 0 [pid 293] <... chmod resumed>) = 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] chdir("./syzkaller.PJld9O" [pid 292] <... chmod resumed>) = 0 [pid 291] chdir("./syzkaller.zhRvN7" [pid 301] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] <... chdir resumed>) = 0 [pid 293] <... chdir resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] chdir("./syzkaller.dS10Br" [pid 301] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = 1 [pid 291] mkdir("./0", 0777 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 293] mkdir("./0", 0777 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 301] bpf(BPF_MAP_CREATE, NULL, 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 291] <... mkdir resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 301] bpf(BPF_PROG_LOAD, NULL, 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... mkdir resumed>) = 0 [pid 292] <... chdir resumed>) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 301] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 301] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... socket resumed>) = 3 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] <... futex resumed>) = 0 [pid 301] bpf(BPF_MAP_CREATE, NULL, 72 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 292] mkdir("./0", 0777 [pid 291] <... openat resumed>) = 3 [pid 301] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 297] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] memfd_create("syzkaller", 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... memfd_create resumed>) = 4 [pid 297] <... futex resumed>) = 0 [pid 301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 301] <... mmap resumed>) = 0x7f837a30b000 [ 29.096941][ T28] audit: type=1400 audit(1749595026.614:65): avc: denied { read write } for pid=295 comm="syz-executor130" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 293] <... openat resumed>) = 3 [pid 292] <... mkdir resumed>) = 0 [pid 291] ioctl(3, LOOP_CLR_FD [pid 293] ioctl(3, LOOP_CLR_FD [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 291] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 292] <... openat resumed>) = 3 [pid 291] close(3 [pid 293] close(3 [pid 292] ioctl(3, LOOP_CLR_FD [pid 291] <... close resumed>) = 0 [ 29.129657][ T28] audit: type=1400 audit(1749595026.614:66): avc: denied { open } for pid=295 comm="syz-executor130" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 29.154999][ T28] audit: type=1400 audit(1749595026.614:67): avc: denied { ioctl } for pid=295 comm="syz-executor130" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [pid 293] <... close resumed>) = 0 [pid 292] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] close(3executing program ) = 0 [pid 291] <... clone resumed>, child_tidptr=0x55557f749750) = 302 ./strace-static-x86_64: Process 302 attached [pid 302] set_robust_list(0x55557f749760, 24) = 0 [pid 302] chdir("./0") = 0 [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 302] setpgid(0, 0) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 302] write(3, "1000", 4) = 4 [pid 302] close(3) = 0 [pid 302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 302] write(1, "executing program\n", 18) = 18 ./strace-static-x86_64: Process 303 attached [pid 302] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] set_robust_list(0x55557f749760, 24 [pid 302] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 302] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 303] <... set_robust_list resumed>) = 0 [pid 302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 303] chdir("./0" [pid 302] <... mmap resumed>) = 0x7f838270b000 [pid 302] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 302] rt_sigprocmask(SIG_BLOCK, ~[], [pid 303] <... chdir resumed>) = 0 [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 303] setpgid(0, 0) = 0 [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] <... rt_sigprocmask resumed>[], 8) = 0 [pid 302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 303] <... openat resumed>) = 3 [pid 293] <... clone resumed>, child_tidptr=0x55557f749750) = 303 [pid 302] <... clone3 resumed> => {parent_tid=[304]}, 88) = 304 [pid 303] write(3, "1000", 4 [pid 302] rt_sigprocmask(SIG_SETMASK, [], [pid 303] <... write resumed>) = 4 [pid 302] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 303] close(3) = 0 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] symlink("/dev/binderfs", "./binderfs") = 0 [pid 303] write(1, "executing program\n", 18) = 18 [pid 303] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 303] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 305 [pid 303] <... mmap resumed>) = 0x7f838270b000 [pid 303] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 303] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[306]}, 88) = 306 ./strace-static-x86_64: Process 304 attached [pid 303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] set_robust_list(0x7f838272b9a0, 24executing program ) = 0 ./strace-static-x86_64: Process 305 attached [pid 305] set_robust_list(0x55557f749760, 24) = 0 [pid 305] chdir("./0") = 0 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3) = 0 [pid 305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 305] write(1, "executing program\n", 18) = 18 [pid 305] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 305] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 306 attached ) = 0 [pid 306] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] bpf(BPF_PROG_LOAD, NULL, 0 [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [pid 306] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... rt_sigprocmask resumed>[], 8) = 0 [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_PROG_LOAD, NULL, 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 306] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 305] <... clone3 resumed> => {parent_tid=[307]}, 88) = 307 [pid 305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] memfd_create("syzkaller", 0) = 4 [pid 306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = 1 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) ./strace-static-x86_64: Process 307 attached [pid 307] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 307] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 1 [pid 307] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 1 [pid 307] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 1 [pid 307] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 1 [pid 307] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_PROG_LOAD, NULL, 0 [pid 307] <... futex resumed>) = 1 [pid 304] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 307] bpf(BPF_PROG_LOAD, NULL, 0 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 304] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 304] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_MAP_CREATE, NULL, 0 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 305] <... futex resumed>) = 0 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = 0 [pid 304] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 302] <... futex resumed>) = 0 [pid 304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_PROG_LOAD, NULL, 0 [pid 307] <... futex resumed>) = 1 [pid 307] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 304] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 307] <... socket resumed>) = 3 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 304] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 307] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 307] bpf(BPF_MAP_CREATE, NULL, 72 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 305] <... futex resumed>) = 0 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 307] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 305] <... futex resumed>) = 0 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 0 [pid 305] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 307] memfd_create("syzkaller", 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... memfd_create resumed>) = 4 [pid 305] <... futex resumed>) = 0 [pid 304] <... socket resumed>) = 3 [pid 307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... mmap resumed>) = 0x7f837a30b000 [ 29.181317][ T28] audit: type=1400 audit(1749595026.614:68): avc: denied { bpf } for pid=296 comm="syz-executor130" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 29.203746][ T28] audit: type=1400 audit(1749595026.614:69): avc: denied { prog_load } for pid=296 comm="syz-executor130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 29.226317][ T28] audit: type=1400 audit(1749595026.614:70): avc: denied { map_create } for pid=296 comm="syz-executor130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 304] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 304] memfd_create("syzkaller", 0) = 4 [pid 304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 29.264636][ T28] audit: type=1400 audit(1749595026.614:71): avc: denied { create } for pid=296 comm="syz-executor130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [pid 301] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... write resumed>) = 20699119 [pid 298] munmap(0x7f837a30b000, 138412032) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 298] ioctl(5, LOOP_SET_FD, 4 [pid 304] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... ioctl resumed>) = 0 [pid 298] close(4) = 0 [pid 298] close(5) = 0 [pid 298] mkdir("./file4", 0777) = 0 [ 29.432327][ T298] loop4: detected capacity change from 0 to 40427 [ 29.455068][ T298] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 298] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 306] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 29.462111][ T28] audit: type=1400 audit(1749595027.024:72): avc: denied { mounton } for pid=296 comm="syz-executor130" path="/root/syzkaller.pqSel9/0/file4" dev="sda1" ino=2039 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 29.497184][ T298] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 29.526615][ T298] F2FS-fs (loop4): fault_injection options not supported [ 29.536671][ T298] F2FS-fs (loop4): fault_type options not supported [ 29.553936][ T298] F2FS-fs (loop4): invalid crc value [pid 307] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 301] <... write resumed>) = 20699119 [pid 301] munmap(0x7f837a30b000, 138412032) = 0 [pid 301] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [ 29.585566][ T298] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 301] ioctl(5, LOOP_SET_FD, 4 [pid 304] <... write resumed>) = 20699119 [pid 304] munmap(0x7f837a30b000, 138412032) = 0 [pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 304] ioctl(5, LOOP_SET_FD, 4 [pid 301] <... ioctl resumed>) = 0 [pid 301] close(4) = 0 [pid 301] close(5) = 0 [pid 301] mkdir("./file4", 0777) = 0 [pid 301] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 304] <... ioctl resumed>) = 0 [pid 304] close(4) = 0 [pid 304] close(5) = 0 [pid 304] mkdir("./file4", 0777) = 0 [ 29.626373][ T301] loop3: detected capacity change from 0 to 40427 [ 29.640568][ T304] loop0: detected capacity change from 0 to 40427 [ 29.667797][ T304] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 29.677544][ T301] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 29.685254][ T298] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 29.692412][ T304] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 29.701682][ T301] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 304] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 306] <... write resumed>) = 20699119 [pid 298] <... mount resumed>) = 0 [pid 306] munmap(0x7f837a30b000, 138412032 [pid 298] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 306] <... munmap resumed>) = 0 [pid 298] <... openat resumed>) = 4 [pid 298] chdir("./file4") = 0 [pid 306] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 298] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 306] <... openat resumed>) = 5 [pid 298] <... openat resumed>) = 5 [pid 306] ioctl(5, LOOP_SET_FD, 4 [ 29.710897][ T298] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 29.718557][ T304] F2FS-fs (loop0): fault_injection options not supported [ 29.726065][ T28] audit: type=1400 audit(1749595027.304:73): avc: denied { mount } for pid=296 comm="syz-executor130" name="/" dev="loop4" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 29.729535][ T304] F2FS-fs (loop0): fault_type options not supported [ 29.758673][ T306] loop2: detected capacity change from 0 to 40427 [pid 298] ioctl(5, LOOP_CLR_FD [pid 306] <... ioctl resumed>) = 0 [pid 298] <... ioctl resumed>) = 0 [pid 306] close(4 [pid 298] close(5 [pid 306] <... close resumed>) = 0 [pid 307] <... write resumed>) = 20699119 [pid 306] close(5 [pid 298] <... close resumed>) = 0 [pid 306] <... close resumed>) = 0 [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] munmap(0x7f837a30b000, 138412032 [pid 306] mkdir("./file4", 0777 [pid 298] <... futex resumed>) = 1 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... munmap resumed>) = 0 [pid 298] fspick(AT_FDCWD, ".", 0 [pid 306] <... mkdir resumed>) = 0 [pid 298] <... fspick resumed>) = 5 [pid 306] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 307] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [ 29.759277][ T301] F2FS-fs (loop3): fault_injection options not supported [ 29.778914][ T304] F2FS-fs (loop0): invalid crc value [ 29.787855][ T306] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 29.795957][ T298] F2FS-fs (loop4): switch discard_unit option is not allowed [ 29.799990][ T301] F2FS-fs (loop3): fault_type options not supported [pid 307] ioctl(5, LOOP_SET_FD, 4 [pid 298] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 298] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=296}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 298] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=296}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... futex resumed>) = 1 [pid 298] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 298] <... futex resumed>) = 1 [pid 298] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 298] <... futex resumed>) = 1 [pid 298] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 296] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 298] <... futex resumed>) = 1 [pid 298] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 298] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 296] <... futex resumed>) = 0 [pid 296] exit_group(0) = ? [pid 298] <... futex resumed>) = ? [pid 298] +++ exited with 0 +++ [pid 296] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=296, si_uid=0, si_status=0, si_utime=1, si_stime=18} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 29.811221][ T306] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 29.811360][ T307] loop1: detected capacity change from 0 to 40427 [ 29.830475][ T306] F2FS-fs (loop2): fault_injection options not supported [ 29.840537][ T304] F2FS-fs (loop0): Found nat_bits in checkpoint [ 29.840726][ T295] syz-executor130: attempt to access beyond end of device [ 29.840726][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 295] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... ioctl resumed>) = 0 [pid 307] close(4) = 0 [pid 307] close(5) = 0 [pid 307] mkdir("./file4", 0777) = 0 [ 29.863800][ T301] F2FS-fs (loop3): invalid crc value [ 29.871868][ T306] F2FS-fs (loop2): fault_type options not supported [ 29.883552][ T307] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 29.891252][ T307] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 29.900197][ T307] F2FS-fs (loop1): fault_injection options not supported [ 29.907311][ T306] F2FS-fs (loop2): invalid crc value [ 29.914028][ T307] F2FS-fs (loop1): fault_type options not supported [ 29.921412][ T307] F2FS-fs (loop1): invalid crc value [ 29.928812][ T306] F2FS-fs (loop2): Found nat_bits in checkpoint [ 29.935261][ T301] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 307] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 304] <... mount resumed>) = 0 [pid 304] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 304] chdir("./file4") = 0 [pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 304] ioctl(5, LOOP_CLR_FD) = 0 [pid 304] close(5) = 0 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] fspick(AT_FDCWD, ".", 0) = 5 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 29.962893][ T304] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 29.974182][ T304] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 29.992164][ T307] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 304] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 304] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 304] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 304] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=302}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 304] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=302}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 30.019403][ T304] F2FS-fs (loop0): switch discard_unit option is not allowed [ 30.043967][ T301] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 30.051948][ T306] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 30.061303][ T301] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 304] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 304] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 302] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 304] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 304] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 302] exit_group(0) = ? [pid 304] +++ exited with 0 +++ [pid 302] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=5, si_stime=25} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 306] <... mount resumed>) = 0 [pid 301] <... mount resumed>) = 0 [pid 295] <... umount2 resumed>) = 0 [pid 295] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./0/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 295] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 306] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 295] getdents64(4, [pid 306] <... openat resumed>) = 4 [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 306] chdir("./file4" [pid 295] getdents64(4, [pid 306] <... chdir resumed>) = 0 [pid 295] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 306] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 295] close(4 [pid 306] <... openat resumed>) = 5 [pid 295] <... close resumed>) = 0 [pid 306] ioctl(5, LOOP_CLR_FD [pid 295] rmdir("./0/file4" [pid 306] <... ioctl resumed>) = 0 [pid 295] <... rmdir resumed>) = 0 [pid 306] close(5 [pid 295] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 306] <... close resumed>) = 0 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] newfstatat(AT_FDCWD, "./0/binderfs", [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 295] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] fspick(AT_FDCWD, ".", 0 [pid 303] <... futex resumed>) = 0 [pid 295] unlink("./0/binderfs" [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... fspick resumed>) = 5 [pid 295] <... unlink resumed>) = 0 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] getdents64(3, [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 295] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 303] <... futex resumed>) = 0 [pid 301] <... openat resumed>) = 4 [pid 295] close(3 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] chdir("./file4" [pid 295] <... close resumed>) = 0 [pid 301] <... chdir resumed>) = 0 [pid 295] rmdir("./0" [pid 301] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 295] <... rmdir resumed>) = 0 [pid 301] <... openat resumed>) = 5 [pid 295] mkdir("./1", 0777 [pid 301] ioctl(5, LOOP_CLR_FD [pid 295] <... mkdir resumed>) = 0 [pid 301] <... ioctl resumed>) = 0 [pid 301] close(5 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3 [pid 301] <... close resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... close resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 329 [pid 301] <... futex resumed>) = 1 [pid 297] <... futex resumed>) = 0 [pid 301] fspick(AT_FDCWD, ".", 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] <... fspick resumed>) = 5 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] <... futex resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 297] <... futex resumed>) = 0 [ 30.074947][ T306] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 30.094951][ T291] syz-executor130: attempt to access beyond end of device [ 30.094951][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 30.116934][ T306] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 306] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 329 attached [pid 329] set_robust_list(0x55557f749760, 24) = 0 [pid 329] chdir("./1") = 0 [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 329] setpgid(0, 0) = 0 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] <... futex resumed>) = 1 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 0 [pid 306] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 301] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 306] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 306] sendfile(-1, -1, NULL, 281483568746501 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... open resumed>) = 6 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 301] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 297] <... futex resumed>) = 0 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 303] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 297] <... futex resumed>) = 0 [pid 306] <... sendto resumed>) = 28 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 301] sendfile(-1, -1, NULL, 281483568746501 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] recvfrom(3, [pid 301] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... futex resumed>) = 0 [pid 306] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=303}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 306] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=303}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 329] write(3, "1000", 4) = 4 [pid 329] close(3) = 0 [pid 329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 329] write(1, "executing program\n", 18executing program ) = 18 [pid 329] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 329] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 303] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 1 [pid 301] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 297] <... futex resumed>) = 0 [pid 306] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 301] <... sendto resumed>) = 28 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] recvfrom(3, [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=297}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] recvfrom(3, [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] <... futex resumed>) = 0 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 301] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=297}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 306] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... mmap resumed>) = 0x7f838270b000 [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 306] <... futex resumed>) = 1 [pid 329] <... mprotect resumed>) = 0 [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[331]}, 88) = 331 [pid 329] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 331 attached [pid 331] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 331] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 331] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 1 [pid 331] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 303] <... futex resumed>) = 0 [pid 297] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 0 [pid 303] <... futex resumed>) = 1 [pid 297] <... futex resumed>) = 0 [pid 306] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 301] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... futex resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 297] <... futex resumed>) = 0 [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 306] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 303] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 303] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 301] <... futex resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 306] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 297] <... futex resumed>) = 0 [pid 306] <... futex resumed>) = 1 [pid 303] <... futex resumed>) = 0 [pid 301] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 306] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] exit_group(0 [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 306] <... futex resumed>) = ? [pid 303] <... exit_group resumed>) = ? [pid 301] <... futex resumed>) = 0 [pid 297] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] +++ exited with 0 +++ [pid 303] +++ exited with 0 +++ [pid 301] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 297] <... futex resumed>) = 0 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=303, si_uid=0, si_status=0, si_utime=6, si_stime=25} --- [pid 301] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 297] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 301] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 297] exit_group(0 [pid 301] <... futex resumed>) = ? [pid 297] <... exit_group resumed>) = ? [pid 301] +++ exited with 0 +++ [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 331] <... futex resumed>) = 1 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] bpf(BPF_PROG_LOAD, NULL, 0 [pid 329] <... futex resumed>) = 0 [pid 331] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] +++ exited with 0 +++ [pid 331] <... futex resumed>) = 1 [pid 329] <... futex resumed>) = 0 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=297, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 331] bpf(BPF_PROG_LOAD, NULL, 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 329] <... futex resumed>) = 0 [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 331] bpf(BPF_MAP_CREATE, NULL, 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 331] bpf(BPF_PROG_LOAD, NULL, 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... restart_syscall resumed>) = 0 [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 331] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... socket resumed>) = 3 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 331] bpf(BPF_MAP_CREATE, NULL, 72 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 329] <... futex resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 331] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 329] <... futex resumed>) = 0 [pid 294] <... openat resumed>) = 3 [pid 293] <... restart_syscall resumed>) = 0 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] newfstatat(3, "", [pid 307] <... mount resumed>) = 0 [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 331] memfd_create("syzkaller", 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] getdents64(3, [pid 331] <... memfd_create resumed>) = 4 [pid 329] <... futex resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 307] <... openat resumed>) = 4 [pid 294] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 331] <... mmap resumed>) = 0x7f837a30b000 [pid 307] chdir("./file4" [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... openat resumed>) = 3 [pid 293] newfstatat(3, "", [pid 307] <... chdir resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 30.144233][ T301] F2FS-fs (loop3): switch discard_unit option is not allowed [ 30.156606][ T307] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 30.168172][ T307] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 307] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 307] <... openat resumed>) = 5 [pid 307] ioctl(5, LOOP_CLR_FD) = 0 [pid 307] close(5) = 0 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] fspick(AT_FDCWD, ".", 0 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... fspick resumed>) = 5 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [ 30.214633][ T294] syz-executor130: attempt to access beyond end of device [ 30.214633][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 30.229383][ T293] syz-executor130: attempt to access beyond end of device [ 30.229383][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 307] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 305] <... futex resumed>) = 0 [pid 307] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] <... umount2 resumed>) = 0 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... open resumed>) = 6 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] newfstatat(AT_FDCWD, "./0/file4", [pid 307] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 291] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 305] <... futex resumed>) = 0 [pid 307] <... futex resumed>) = 1 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] sendfile(-1, -1, NULL, 281483568746501 [pid 291] <... openat resumed>) = 4 [pid 307] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 291] newfstatat(4, "", [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 307] <... futex resumed>) = 1 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 291] getdents64(4, [pid 307] <... sendto resumed>) = 28 [pid 307] recvfrom(3, [pid 291] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 307] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=305}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 291] getdents64(4, [pid 307] recvfrom(3, [pid 291] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 307] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=305}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 291] close(4 [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... close resumed>) = 0 [pid 307] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] rmdir("./0/file4" [pid 307] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] <... rmdir resumed>) = 0 [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 291] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 305] <... futex resumed>) = 0 [pid 307] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] newfstatat(AT_FDCWD, "./0/binderfs", [pid 307] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 307] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] unlink("./0/binderfs" [pid 307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 305] <... futex resumed>) = 0 [pid 291] <... unlink resumed>) = 0 [pid 307] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 307] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] close(3 [pid 307] <... futex resumed>) = 1 [pid 305] <... futex resumed>) = 0 [pid 291] <... close resumed>) = 0 [pid 307] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 305] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 305] <... futex resumed>) = 0 [pid 291] rmdir("./0" [pid 307] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] <... rmdir resumed>) = 0 [pid 307] <... futex resumed>) = 0 [pid 305] exit_group(0 [pid 307] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 291] mkdir("./1", 0777 [pid 307] <... futex resumed>) = ? [pid 305] <... exit_group resumed>) = ? [pid 291] <... mkdir resumed>) = 0 [pid 307] +++ exited with 0 +++ [pid 305] +++ exited with 0 +++ [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=4, si_stime=27} --- [pid 291] <... openat resumed>) = 3 [pid 292] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] ioctl(3, LOOP_CLR_FD [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 291] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 292] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] close(3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] <... close resumed>) = 0 [pid 292] getdents64(3, executing program [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] <... clone resumed>, child_tidptr=0x55557f749750) = 332 ./strace-static-x86_64: Process 332 attached [pid 332] set_robust_list(0x55557f749760, 24) = 0 [pid 332] chdir("./1") = 0 [pid 332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 332] setpgid(0, 0) = 0 [pid 332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 332] write(3, "1000", 4) = 4 [pid 332] close(3) = 0 [pid 332] symlink("/dev/binderfs", "./binderfs") = 0 [pid 332] write(1, "executing program\n", 18) = 18 [pid 332] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 332] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 30.284909][ T307] F2FS-fs (loop1): switch discard_unit option is not allowed [ 30.321242][ T292] syz-executor130: attempt to access beyond end of device [ 30.321242][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 332] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[333]}, 88) = 333 [pid 332] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 333 attached [pid 333] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 333] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] memfd_create("syzkaller", 0) = 4 [pid 333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 331] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./0/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./0/file4") = 0 [pid 294] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./0/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./0") = 0 [pid 294] mkdir("./1", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 334 ./strace-static-x86_64: Process 334 attached [pid 334] set_robust_list(0x55557f749760, 24) = 0 [pid 334] chdir("./1") = 0 [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 334] setpgid(0, 0) = 0 [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 334] write(3, "1000", 4) = 4 [pid 334] close(3) = 0 [pid 334] symlink("/dev/binderfs", "./binderfs") = 0 [pid 334] write(1, "executing program\n", 18executing program ) = 18 [pid 334] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 334] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 334] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 334] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 334] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 334] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[335]}, 88) = 335 [pid 334] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 335 attached [pid 335] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 335] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 335] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] bpf(BPF_MAP_CREATE, NULL, 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] bpf(BPF_PROG_LOAD, NULL, 0 [pid 334] <... futex resumed>) = 0 [pid 335] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 335] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] bpf(BPF_PROG_LOAD, NULL, 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... socket resumed>) = 3 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] bpf(BPF_MAP_CREATE, NULL, 72 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] memfd_create("syzkaller", 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 335] <... memfd_create resumed>) = 4 [pid 335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 292] <... umount2 resumed>) = 0 [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./0/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./0/file4", [pid 293] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] rmdir("./0/file4" [pid 292] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 293] <... rmdir resumed>) = 0 [pid 293] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./0/binderfs" [pid 292] <... openat resumed>) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] <... unlink resumed>) = 0 [pid 292] getdents64(4, [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./0" [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4 [pid 293] <... rmdir resumed>) = 0 [pid 292] <... close resumed>) = 0 [pid 293] mkdir("./1", 0777 [pid 292] rmdir("./0/file4") = 0 [pid 292] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... mkdir resumed>) = 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./0/binderfs", [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 292] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] <... openat resumed>) = 3 [pid 293] ioctl(3, LOOP_CLR_FD [pid 292] unlink("./0/binderfs" [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 293] close(3 [pid 292] <... unlink resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 336 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./0") = 0 [pid 292] mkdir("./1", 0777) = 0 ./strace-static-x86_64: Process 336 attached [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 336] set_robust_list(0x55557f749760, 24) = 0 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 336] chdir("./1" [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 336] <... chdir resumed>) = 0 [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 337 [pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 336] setpgid(0, 0) = 0 [pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 336] write(3, "1000", 4) = 4 [pid 336] close(3) = 0 [pid 336] symlink("/dev/binderfs", "./binderfs") = 0 [pid 336] write(1, "executing program\n", 18executing program ) = 18 [pid 336] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 336] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 336] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 336] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 336] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 336] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[338]}, 88) = 338 [pid 336] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 337 attached [pid 337] set_robust_list(0x55557f749760, 24) = 0 [pid 337] chdir("./1") = 0 [pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 337] setpgid(0, 0) = 0 [pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 338 attached [pid 338] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 338] rt_sigprocmask(SIG_SETMASK, [], [pid 337] <... openat resumed>) = 3 [pid 338] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 338] bpf(BPF_PROG_LOAD, NULL, 0 [pid 337] write(3, "1000", 4) = 4 [pid 337] close(3) = 0 [pid 337] symlink("/dev/binderfs", "./binderfs" [pid 338] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] bpf(BPF_MAP_CREATE, NULL, 0 [pid 336] <... futex resumed>) = 0 [pid 338] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 337] <... symlink resumed>) = 0 executing program [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] write(1, "executing program\n", 18) = 18 [pid 337] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 337] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 337] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 338] <... futex resumed>) = 1 [pid 336] <... futex resumed>) = 0 [pid 337] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 337] <... mprotect resumed>) = 0 [pid 338] bpf(BPF_PROG_LOAD, NULL, 0 [pid 337] rt_sigprocmask(SIG_BLOCK, ~[], [pid 338] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 337] <... rt_sigprocmask resumed>[], 8) = 0 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[339]}, 88) = 339 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 337] rt_sigprocmask(SIG_SETMASK, [], [pid 338] bpf(BPF_PROG_LOAD, NULL, 0 [pid 337] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 338] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... socket resumed>) = 3 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] bpf(BPF_MAP_CREATE, NULL, 72 [pid 336] <... futex resumed>) = 0 [pid 338] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] memfd_create("syzkaller", 0 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 338] <... memfd_create resumed>) = 4 [pid 338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 ./strace-static-x86_64: Process 339 attached [pid 339] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 339] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 339] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] memfd_create("syzkaller", 0) = 4 [pid 339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 333] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 331] <... write resumed>) = 20699119 [pid 331] munmap(0x7f837a30b000, 138412032) = 0 [pid 331] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 331] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 331] close(4) = 0 [pid 331] close(5) = 0 [pid 331] mkdir("./file4", 0777) = 0 [pid 331] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 30.657093][ T331] loop4: detected capacity change from 0 to 40427 [ 30.674982][ T331] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 30.686391][ T331] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 30.723590][ T331] F2FS-fs (loop4): fault_injection options not supported [ 30.743669][ T331] F2FS-fs (loop4): fault_type options not supported [pid 335] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 333] <... write resumed>) = 20699119 [ 30.772509][ T331] F2FS-fs (loop4): invalid crc value [pid 333] munmap(0x7f837a30b000, 138412032) = 0 [pid 338] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 333] ioctl(5, LOOP_SET_FD, 4 [pid 339] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 333] <... ioctl resumed>) = 0 [pid 333] close(4) = 0 [pid 333] close(5) = 0 [pid 333] mkdir("./file4", 0777) = 0 [ 30.797581][ T331] F2FS-fs (loop4): Found nat_bits in checkpoint [ 30.813993][ T333] loop0: detected capacity change from 0 to 40427 [ 30.833662][ T333] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 30.840659][ T333] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 30.880458][ T333] F2FS-fs (loop0): fault_injection options not supported [ 30.901214][ T333] F2FS-fs (loop0): fault_type options not supported [ 30.922897][ T331] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 333] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 331] <... mount resumed>) = 0 [pid 331] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 331] chdir("./file4") = 0 [pid 331] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 331] ioctl(5, LOOP_CLR_FD) = 0 [pid 331] close(5) = 0 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 1 [pid 331] fspick(AT_FDCWD, ".", 0) = 5 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 1 [pid 331] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 1 [pid 331] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] <... futex resumed>) = 0 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 1 [pid 331] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... write resumed>) = 20699119 [pid 331] <... futex resumed>) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] sendfile(-1, -1, NULL, 281483568746501 [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 329] <... futex resumed>) = 0 [pid 335] munmap(0x7f837a30b000, 138412032 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... futex resumed>) = 0 [pid 329] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 329] <... futex resumed>) = 0 [pid 331] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... sendto resumed>) = 28 [pid 331] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=329}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 335] <... munmap resumed>) = 0 [pid 331] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=329}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 30.930221][ T333] F2FS-fs (loop0): invalid crc value [ 30.943682][ T331] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 30.963584][ T331] F2FS-fs (loop4): switch discard_unit option is not allowed [ 30.972613][ T333] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 329] <... futex resumed>) = 0 [pid 335] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 331] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 331] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 329] <... futex resumed>) = 0 [pid 335] <... openat resumed>) = 5 [pid 331] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 331] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 329] <... futex resumed>) = 0 [pid 331] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 335] ioctl(5, LOOP_SET_FD, 4 [pid 331] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 331] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 329] <... futex resumed>) = 0 [pid 331] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 329] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 331] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 331] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 329] <... futex resumed>) = 0 [pid 331] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 329] exit_group(0 [pid 331] <... futex resumed>) = ? [pid 329] <... exit_group resumed>) = ? [pid 331] +++ exited with 0 +++ [pid 329] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=8, si_stime=12} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 295] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 335] <... ioctl resumed>) = 0 [pid 335] close(4) = 0 [pid 335] close(5) = 0 [pid 335] mkdir("./file4", 0777) = 0 [pid 335] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 339] <... write resumed>) = 20699119 [pid 339] munmap(0x7f837a30b000, 138412032) = 0 [pid 339] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [ 31.014659][ T335] loop3: detected capacity change from 0 to 40427 [ 31.027305][ T295] syz-executor130: attempt to access beyond end of device [ 31.027305][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.050732][ T335] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 31.058614][ T339] loop1: detected capacity change from 0 to 40427 [pid 339] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 339] close(4) = 0 [pid 339] close(5) = 0 [pid 339] mkdir("./file4", 0777) = 0 [ 31.065213][ T335] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 31.075216][ T339] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 31.096089][ T339] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 31.102914][ T335] F2FS-fs (loop3): fault_injection options not supported [pid 339] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 333] <... mount resumed>) = 0 [pid 333] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 333] chdir("./file4") = 0 [pid 333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 333] ioctl(5, LOOP_CLR_FD) = 0 [pid 333] close(5) = 0 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] fspick(AT_FDCWD, ".", 0) = 5 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 338] <... write resumed>) = 20699119 [pid 333] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 338] munmap(0x7f837a30b000, 138412032 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 333] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=332}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 333] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=332}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 333] <... futex resumed>) = 1 [pid 333] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 333] <... futex resumed>) = 1 [pid 333] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 333] <... futex resumed>) = 1 [pid 333] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 332] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 333] <... futex resumed>) = 1 [pid 333] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 333] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 332] <... futex resumed>) = 0 [pid 332] exit_group(0) = ? [pid 333] <... futex resumed>) = ? [pid 333] +++ exited with 0 +++ [pid 332] +++ exited with 0 +++ [ 31.111920][ T333] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 31.112599][ T335] F2FS-fs (loop3): fault_type options not supported [ 31.125673][ T339] F2FS-fs (loop1): fault_injection options not supported [ 31.132987][ T333] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 31.140880][ T339] F2FS-fs (loop1): fault_type options not supported [ 31.149730][ T333] F2FS-fs (loop0): switch discard_unit option is not allowed [ 31.158613][ T339] F2FS-fs (loop1): invalid crc value [pid 338] <... munmap resumed>) = 0 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=4, si_stime=24} --- [pid 338] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 338] <... openat resumed>) = 5 [pid 291] <... restart_syscall resumed>) = 0 [pid 338] ioctl(5, LOOP_SET_FD, 4 [pid 291] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 338] <... ioctl resumed>) = 0 [pid 338] close(4) = 0 [pid 338] close(5) = 0 [pid 338] mkdir("./file4", 0777) = 0 [ 31.174473][ T335] F2FS-fs (loop3): invalid crc value [ 31.181835][ T338] loop2: detected capacity change from 0 to 40427 [ 31.190224][ T291] syz-executor130: attempt to access beyond end of device [ 31.190224][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.195922][ T335] F2FS-fs (loop3): Found nat_bits in checkpoint [ 31.212467][ T339] F2FS-fs (loop1): Found nat_bits in checkpoint [ 31.228821][ T338] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 31.244069][ T338] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 31.261358][ T338] F2FS-fs (loop2): fault_injection options not supported [ 31.273695][ T338] F2FS-fs (loop2): fault_type options not supported [ 31.293897][ T338] F2FS-fs (loop2): invalid crc value [ 31.317403][ T338] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 338] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 335] <... mount resumed>) = 0 [pid 335] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 335] chdir("./file4") = 0 [pid 335] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 335] ioctl(5, LOOP_CLR_FD) = 0 [pid 335] close(5) = 0 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] fspick(AT_FDCWD, ".", 0) = 5 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [ 31.326385][ T335] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 31.333454][ T335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 31.357302][ T339] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [pid 335] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = 1 [pid 335] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] <... open resumed>) = 6 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 295] <... umount2 resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./1/file4", [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 335] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 335] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 335] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] getdents64(4, [pid 335] sendfile(-1, -1, NULL, 281483568746501 [pid 334] <... futex resumed>) = 0 [pid 335] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 335] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 295] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] close(4) = 0 [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = 1 [pid 335] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] rmdir("./1/file4" [pid 335] <... sendto resumed>) = 28 [pid 335] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=334}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 335] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=334}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... rmdir resumed>) = 0 [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = 1 [pid 335] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 295] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 335] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./1/binderfs", [pid 335] <... futex resumed>) = 0 [pid 334] <... futex resumed>) = 1 [pid 335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 295] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./1/binderfs" [pid 335] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... unlink resumed>) = 0 [pid 335] <... futex resumed>) = 1 [pid 334] <... futex resumed>) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./1" [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 335] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 334] <... futex resumed>) = 0 [pid 335] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 334] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 335] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 335] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] <... futex resumed>) = 0 [pid 335] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 334] exit_group(0) = ? [pid 335] <... futex resumed>) = ? [pid 295] <... rmdir resumed>) = 0 [pid 295] mkdir("./2", 0777 [pid 335] +++ exited with 0 +++ [pid 334] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 295] <... mkdir resumed>) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 294] <... restart_syscall resumed>) = 0 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3) = 0 [ 31.375164][ T335] F2FS-fs (loop3): switch discard_unit option is not allowed [ 31.387594][ T339] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 360 [pid 339] <... mount resumed>) = 0 [pid 339] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 339] chdir("./file4") = 0 [pid 339] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 339] ioctl(5, LOOP_CLR_FD) = 0 [pid 339] close(5) = 0 [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] fspick(AT_FDCWD, ".", 0) = 5 [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 294] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 339] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 339] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=337}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 339] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=337}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 339] <... futex resumed>) = 1 [pid 339] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 339] <... futex resumed>) = 1 [pid 339] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 339] <... futex resumed>) = 1 [pid 339] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 339] <... futex resumed>) = 1 [pid 339] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 339] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 337] exit_group(0) = ? [pid 339] <... futex resumed>) = ? [pid 339] +++ exited with 0 +++ [pid 337] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=3, si_stime=21} --- [pid 292] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./1/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./1/file4") = 0 [pid 291] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./1/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./1") = 0 [pid 291] mkdir("./2", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 361 ./strace-static-x86_64: Process 361 attached [pid 361] set_robust_list(0x55557f749760, 24) = 0 [pid 361] chdir("./2") = 0 [pid 361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 361] setpgid(0, 0) = 0 executing program [pid 361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 361] write(3, "1000", 4) = 4 [pid 361] close(3) = 0 [pid 361] symlink("/dev/binderfs", "./binderfs") = 0 [pid 361] write(1, "executing program\n", 18) = 18 [pid 361] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 361] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 361] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 361] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 361] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 361] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[362]}, 88) = 362 [pid 361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 362 attached [pid 362] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 362] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 362] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 360 attached ) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] <... futex resumed>) = 0 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 362] <... futex resumed>) = 1 [pid 362] memfd_create("syzkaller", 0) = 4 [pid 362] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 360] set_robust_list(0x55557f749760, 24) = 0 [pid 360] chdir("./2") = 0 [pid 360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 360] setpgid(0, 0) = 0 [pid 360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 31.420314][ T339] F2FS-fs (loop1): switch discard_unit option is not allowed [ 31.436355][ T294] syz-executor130: attempt to access beyond end of device [ 31.436355][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.453880][ T292] syz-executor130: attempt to access beyond end of device [ 31.453880][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 360] write(3, "1000", 4) = 4 [pid 360] close(3) = 0 [pid 360] symlink("/dev/binderfs", "./binderfs") = 0 [pid 360] write(1, "executing program\n", 18executing program ) = 18 [pid 360] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 360] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 360] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 360] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 360] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 360] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[364]}, 88) = 364 [pid 360] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 364 attached [pid 364] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 364] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 364] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] bpf(BPF_MAP_CREATE, NULL, 0 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 338] <... mount resumed>) = 0 [pid 338] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 338] chdir("./file4") = 0 [pid 338] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 338] ioctl(5, LOOP_CLR_FD [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... ioctl resumed>) = 0 [pid 360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 338] close(5 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] <... close resumed>) = 0 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 360] <... futex resumed>) = 1 [pid 364] <... futex resumed>) = 0 [pid 364] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] fspick(AT_FDCWD, ".", 0 [pid 360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] <... fspick resumed>) = 5 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 360] <... futex resumed>) = 1 [pid 364] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] <... futex resumed>) = 0 [ 31.486399][ T338] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 31.514581][ T338] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 364] bpf(BPF_MAP_CREATE, NULL, 0 [pid 338] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 336] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] <... socket resumed>) = 3 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 364] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = 1 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 364] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = 1 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 364] memfd_create("syzkaller", 0) = 4 [pid 364] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 360] <... futex resumed>) = 1 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 338] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 338] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... open resumed>) = 6 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 338] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 336] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = 1 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 338] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 338] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 338] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=336}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 338] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=336}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 338] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 338] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 338] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 338] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 338] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 336] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 338] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 338] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 336] <... futex resumed>) = 0 [pid 336] exit_group(0) = ? [pid 338] +++ exited with 0 +++ [pid 336] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=336, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [ 31.546379][ T338] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 31.610865][ T293] syz-executor130: attempt to access beyond end of device [ 31.610865][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 362] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 364] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./1/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./1/file4" [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] <... rmdir resumed>) = 0 [pid 292] newfstatat(AT_FDCWD, "./1/file4", [pid 294] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./1/binderfs" [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] <... unlink resumed>) = 0 [pid 292] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./1") = 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] mkdir("./2", 0777) = 0 [pid 292] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 292] getdents64(4, [pid 294] <... openat resumed>) = 3 [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] ioctl(3, LOOP_CLR_FD [pid 292] getdents64(4, [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 292] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(3 [pid 292] close(4 [pid 294] <... close resumed>) = 0 [pid 292] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 365 [pid 292] rmdir("./1/file4"./strace-static-x86_64: Process 365 attached ) = 0 [pid 292] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./1/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./1" [pid 365] set_robust_list(0x55557f749760, 24 [pid 292] <... rmdir resumed>) = 0 [pid 292] mkdir("./2", 0777 [pid 365] <... set_robust_list resumed>) = 0 [pid 292] <... mkdir resumed>) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 365] chdir("./2") = 0 [pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 365] setpgid(0, 0) = 0 [pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 365] write(3, "1000", 4) = 4 [pid 365] close(3) = 0 [pid 365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 365] write(1, "executing program\n", 18) = 18 [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 366 [pid 365] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 365] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 365] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 365] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 365] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 365] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[367]}, 88) = 367 [pid 365] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 367 attached ./strace-static-x86_64: Process 366 attached [pid 366] set_robust_list(0x55557f749760, 24) = 0 [pid 366] chdir("./2" [pid 367] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 367] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 367] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 366] <... chdir resumed>) = 0 [pid 366] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 366] setpgid(0, 0) = 0 [pid 367] <... futex resumed>) = 1 [pid 366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 366] write(3, "1000", 4) = 4 [pid 366] close(3) = 0 [pid 366] symlink("/dev/binderfs", "./binderfs" [pid 367] bpf(BPF_MAP_CREATE, NULL, 72executing program [pid 366] <... symlink resumed>) = 0 [pid 366] write(1, "executing program\n", 18) = 18 [pid 366] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 366] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 366] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 366] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 366] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 367] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 366] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 366] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[368]}, 88) = 368 [pid 366] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 367] <... futex resumed>) = 1 [pid 367] memfd_create("syzkaller", 0) = 4 [pid 367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 293] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 368 attached [pid 368] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 368] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 368] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] newfstatat(AT_FDCWD, "./1/file4", [pid 366] <... futex resumed>) = 0 [pid 368] bpf(BPF_MAP_CREATE, NULL, 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 368] bpf(BPF_PROG_LOAD, NULL, 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 368] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] <... openat resumed>) = 4 [pid 368] bpf(BPF_PROG_LOAD, NULL, 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 293] newfstatat(4, "", [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] getdents64(4, [pid 368] bpf(BPF_MAP_CREATE, NULL, 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 362] <... write resumed>) = 20699119 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] munmap(0x7f837a30b000, 138412032 [pid 293] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] getdents64(4, [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 368] bpf(BPF_PROG_LOAD, NULL, 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 293] close(4 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] rmdir("./1/file4" [pid 368] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... socket resumed>) = 3 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... rmdir resumed>) = 0 [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 368] bpf(BPF_MAP_CREATE, NULL, 72 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] newfstatat(AT_FDCWD, "./1/binderfs", [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] unlink("./1/binderfs" [pid 368] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 293] <... unlink resumed>) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 293] getdents64(3, [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 368] memfd_create("syzkaller", 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 293] close(3 [pid 368] <... memfd_create resumed>) = 4 [pid 362] <... munmap resumed>) = 0 [pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 362] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 293] <... close resumed>) = 0 [pid 368] <... mmap resumed>) = 0x7f837a30b000 [pid 362] <... openat resumed>) = 5 [pid 293] rmdir("./1") = 0 [pid 362] ioctl(5, LOOP_SET_FD, 4 [pid 293] mkdir("./2", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 369 ./strace-static-x86_64: Process 369 attached [pid 369] set_robust_list(0x55557f749760, 24) = 0 [pid 369] chdir("./2") = 0 [pid 369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 369] setpgid(0, 0) = 0 [pid 369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 369] write(3, "1000", 4) = 4 [pid 369] close(3) = 0 [pid 369] symlink("/dev/binderfs", "./binderfs") = 0 [pid 369] write(1, "executing program\n", 18executing program ) = 18 [pid 369] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 369] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 369] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 369] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 369] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 369] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[370]}, 88) = 370 [pid 369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 370 attached [pid 370] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 370] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 370] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] <... futex resumed>) = 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 370] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] <... futex resumed>) = 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... ioctl resumed>) = 0 [pid 370] <... futex resumed>) = 1 [pid 362] close(4 [pid 370] bpf(BPF_PROG_LOAD, NULL, 0 [pid 369] <... futex resumed>) = 0 [pid 362] <... close resumed>) = 0 [pid 362] close(5 [pid 370] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... close resumed>) = 0 [pid 362] mkdir("./file4", 0777 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 362] <... mkdir resumed>) = 0 [pid 370] bpf(BPF_PROG_LOAD, NULL, 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 370] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] bpf(BPF_MAP_CREATE, NULL, 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] bpf(BPF_PROG_LOAD, NULL, 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 369] <... futex resumed>) = 0 [ 31.844651][ T362] loop0: detected capacity change from 0 to 40427 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... socket resumed>) = 3 [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] bpf(BPF_MAP_CREATE, NULL, 72 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 370] memfd_create("syzkaller", 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 370] <... memfd_create resumed>) = 4 [pid 370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 31.890519][ T362] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 31.906859][ T362] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 364] <... write resumed>) = 20699119 [pid 364] munmap(0x7f837a30b000, 138412032) = 0 [pid 364] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [ 31.933687][ T362] F2FS-fs (loop0): fault_injection options not supported [ 31.953544][ T362] F2FS-fs (loop0): fault_type options not supported [ 31.973165][ T362] F2FS-fs (loop0): invalid crc value [pid 364] ioctl(5, LOOP_SET_FD, 4 [pid 367] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 364] <... ioctl resumed>) = 0 [pid 364] close(4) = 0 [pid 364] close(5) = 0 [pid 364] mkdir("./file4", 0777) = 0 [ 31.978963][ T364] loop4: detected capacity change from 0 to 40427 [ 31.997350][ T364] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 32.006834][ T364] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 32.023594][ T364] F2FS-fs (loop4): fault_injection options not supported [pid 364] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 368] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 32.031640][ T362] F2FS-fs (loop0): Found nat_bits in checkpoint [ 32.053571][ T364] F2FS-fs (loop4): fault_type options not supported [ 32.082454][ T364] F2FS-fs (loop4): invalid crc value [pid 370] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 367] <... write resumed>) = 20699119 [pid 367] munmap(0x7f837a30b000, 138412032) = 0 [pid 367] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 367] ioctl(5, LOOP_SET_FD, 4 [pid 362] <... mount resumed>) = 0 [pid 362] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 362] chdir("./file4") = 0 [pid 362] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 362] ioctl(5, LOOP_CLR_FD) = 0 [pid 362] close(5) = 0 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] fspick(AT_FDCWD, ".", 0) = 5 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... futex resumed>) = 0 [pid 361] <... futex resumed>) = 1 [pid 362] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 32.124160][ T364] F2FS-fs (loop4): Found nat_bits in checkpoint [ 32.132055][ T362] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 32.143554][ T362] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 32.165447][ T367] loop3: detected capacity change from 0 to 40427 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... open resumed>) = 6 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... futex resumed>) = 0 [pid 361] <... futex resumed>) = 1 [pid 362] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 361] <... futex resumed>) = 0 [pid 362] <... sendto resumed>) = 28 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=361}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 362] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=361}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] <... futex resumed>) = 0 [pid 362] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 362] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] <... futex resumed>) = 0 [pid 362] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 362] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 362] <... futex resumed>) = 0 [pid 361] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 362] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 361] <... futex resumed>) = 0 [pid 362] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 361] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 362] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 362] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 361] <... futex resumed>) = 0 [pid 362] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 361] exit_group(0 [pid 362] <... futex resumed>) = ? [pid 361] <... exit_group resumed>) = ? [pid 362] +++ exited with 0 +++ [pid 361] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=361, si_uid=0, si_status=0, si_utime=3, si_stime=20} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 368] <... write resumed>) = 20699119 [pid 368] munmap(0x7f837a30b000, 138412032) = 0 [pid 368] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 368] ioctl(5, LOOP_SET_FD, 4 [pid 367] <... ioctl resumed>) = 0 [ 32.185748][ T362] F2FS-fs (loop0): switch discard_unit option is not allowed [ 32.223791][ T364] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 367] close(4) = 0 [pid 368] <... ioctl resumed>) = 0 [pid 367] close(5 [pid 364] <... mount resumed>) = 0 [pid 368] close(4 [pid 367] <... close resumed>) = 0 [pid 364] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 368] <... close resumed>) = 0 [pid 367] mkdir("./file4", 0777 [pid 368] close(5 [pid 364] <... openat resumed>) = 4 [pid 367] <... mkdir resumed>) = 0 [pid 368] <... close resumed>) = 0 [pid 368] mkdir("./file4", 0777) = 0 [pid 368] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 367] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 364] chdir("./file4") = 0 [pid 364] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 364] ioctl(5, LOOP_CLR_FD [pid 370] <... write resumed>) = 20699119 [ 32.232088][ T368] loop1: detected capacity change from 0 to 40427 [ 32.239397][ T364] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 32.253372][ T368] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 32.260943][ T367] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 32.268982][ T367] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 370] munmap(0x7f837a30b000, 138412032 [pid 364] <... ioctl resumed>) = 0 [pid 364] close(5) = 0 [pid 370] <... munmap resumed>) = 0 [pid 370] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 370] ioctl(5, LOOP_SET_FD, 4 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] fspick(AT_FDCWD, ".", 0) = 5 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 370] <... ioctl resumed>) = 0 [pid 370] close(4) = 0 [pid 370] close(5) = 0 [pid 370] mkdir("./file4", 0777) = 0 [ 32.278653][ T368] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 32.293286][ T370] loop2: detected capacity change from 0 to 40427 [ 32.298402][ T367] F2FS-fs (loop3): fault_injection options not supported [ 32.307351][ T368] F2FS-fs (loop1): fault_injection options not supported [ 32.316095][ T368] F2FS-fs (loop1): fault_type options not supported [ 32.324570][ T367] F2FS-fs (loop3): fault_type options not supported [pid 370] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 364] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 360] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] <... futex resumed>) = 0 [pid 364] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] <... open resumed>) = 6 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=360}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 364] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=360}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 364] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 364] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 360] <... futex resumed>) = 0 [pid 364] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 364] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [ 32.328987][ T370] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 32.340344][ T364] F2FS-fs (loop4): switch discard_unit option is not allowed [ 32.348060][ T368] F2FS-fs (loop1): invalid crc value [ 32.359214][ T367] F2FS-fs (loop3): invalid crc value [ 32.364741][ T370] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] <... futex resumed>) = 0 [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 360] <... futex resumed>) = 0 [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 364] <... futex resumed>) = 0 [pid 360] <... futex resumed>) = 1 [pid 364] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 360] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 364] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 364] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 360] exit_group(0 [pid 364] <... futex resumed>) = ? [pid 360] <... exit_group resumed>) = ? [pid 364] +++ exited with 0 +++ [pid 360] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=360, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 32.382935][ T367] F2FS-fs (loop3): Found nat_bits in checkpoint [ 32.384082][ T370] F2FS-fs (loop2): fault_injection options not supported [ 32.399843][ T368] F2FS-fs (loop1): Found nat_bits in checkpoint [ 32.400087][ T370] F2FS-fs (loop2): fault_type options not supported [ 32.417890][ T370] F2FS-fs (loop2): invalid crc value [pid 295] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./2/file4") = 0 [pid 291] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./2/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./2") = 0 [pid 291] mkdir("./3", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [ 32.444302][ T370] F2FS-fs (loop2): Found nat_bits in checkpoint [ 32.478472][ T368] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 390 [pid 368] <... mount resumed>) = 0 [pid 368] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 368] chdir("./file4") = 0 [pid 368] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 368] ioctl(5, LOOP_CLR_FD) = 0 [pid 368] close(5 [pid 367] <... mount resumed>) = 0 [pid 367] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 390 attached [pid 390] set_robust_list(0x55557f749760, 24 [pid 367] <... openat resumed>) = 4 [pid 390] <... set_robust_list resumed>) = 0 [pid 367] chdir("./file4") = 0 [pid 390] chdir("./3" [pid 367] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 390] <... chdir resumed>) = 0 [pid 367] <... openat resumed>) = 5 [pid 390] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 367] ioctl(5, LOOP_CLR_FD [pid 390] <... prctl resumed>) = 0 [pid 367] <... ioctl resumed>) = 0 [pid 390] setpgid(0, 0 [pid 367] close(5 [pid 390] <... setpgid resumed>) = 0 [pid 367] <... close resumed>) = 0 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 367] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] <... openat resumed>) = 3 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 1 [pid 390] write(3, "1000", 4 [pid 367] fspick(AT_FDCWD, ".", 0 [pid 390] <... write resumed>) = 4 [pid 367] <... fspick resumed>) = 5 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 390] close(3 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... close resumed>) = 0 [pid 367] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] symlink("/dev/binderfs", "./binderfs" [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 365] <... futex resumed>) = 0 [pid 390] <... symlink resumed>) = 0 [pid 367] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 390] write(1, "executing program\n", 18executing program ) = 18 [ 32.496536][ T368] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 32.496679][ T367] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 32.519893][ T367] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 32.534498][ T367] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 368] <... close resumed>) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] <... futex resumed>) = 0 [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... futex resumed>) = 0 [pid 368] fspick(AT_FDCWD, ".", 0) = 5 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] <... futex resumed>) = 0 [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... futex resumed>) = 1 [pid 368] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 390] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 370] <... mount resumed>) = 0 [pid 390] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 370] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 390] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 370] <... openat resumed>) = 4 [pid 390] <... mmap resumed>) = 0x7f838270b000 [pid 370] chdir("./file4" [pid 390] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 370] <... chdir resumed>) = 0 [pid 390] <... mprotect resumed>) = 0 [pid 370] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 390] rt_sigprocmask(SIG_BLOCK, ~[], [pid 370] <... openat resumed>) = 5 [pid 390] <... rt_sigprocmask resumed>[], 8) = 0 [pid 370] ioctl(5, LOOP_CLR_FD [pid 390] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 370] <... ioctl resumed>) = 0 [pid 370] close(5 [pid 390] <... clone3 resumed> => {parent_tid=[392]}, 88) = 392 [pid 370] <... close resumed>) = 0 [pid 390] rt_sigprocmask(SIG_SETMASK, [], [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] <... futex resumed>) = 0 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] fspick(AT_FDCWD, ".", 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... fspick resumed>) = 5 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 370] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 392 attached [pid 370] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 365] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 392] set_robust_list(0x7f838272b9a0, 24 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... set_robust_list resumed>) = 0 [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 0 [pid 392] rt_sigprocmask(SIG_SETMASK, [], [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 392] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 365] <... mmap resumed>) = 0x7f83826ea000 [pid 392] bpf(BPF_PROG_LOAD, NULL, 0 [pid 370] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 365] mprotect(0x7f83826eb000, 131072, PROT_READ|PROT_WRITE [pid 392] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 365] <... mprotect resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... open resumed>) = 6 [pid 365] rt_sigprocmask(SIG_BLOCK, ~[], [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... rt_sigprocmask resumed>[], 8) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 365] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838270a990, parent_tid=0x7f838270a990, exit_signal=0, stack=0x7f83826ea000, stack_size=0x20240, tls=0x7f838270a6c0} [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] bpf(BPF_MAP_CREATE, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 365] <... clone3 resumed> => {parent_tid=[393]}, 88) = 393 [pid 392] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 370] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 365] rt_sigprocmask(SIG_SETMASK, [], [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 365] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd738, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 0 ./strace-static-x86_64: Process 393 attached [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd73c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 393] set_robust_list(0x7f838270a9a0, 24 [pid 392] bpf(BPF_PROG_LOAD, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 367] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 393] <... set_robust_list resumed>) = 0 [pid 392] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 370] sendfile(-1, -1, NULL, 281483568746501 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 393] rt_sigprocmask(SIG_SETMASK, [], [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 393] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 0 [pid 393] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 393] <... open resumed>) = 6 [pid 369] <... futex resumed>) = 0 [pid 393] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 393] <... futex resumed>) = 1 [pid 392] bpf(BPF_PROG_LOAD, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... sendto resumed>) = 28 [pid 365] <... futex resumed>) = 0 [pid 393] futex(0x7f83827fd738, FUTEX_WAIT_PRIVATE, 0, NULL [pid 392] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 370] recvfrom(3, [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=369}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] recvfrom(3, [pid 367] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 1 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=369}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 367] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 392] bpf(BPF_MAP_CREATE, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 365] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 367] sendfile(-1, -1, NULL, 281483568746501 [pid 366] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 366] <... futex resumed>) = 0 [pid 392] bpf(BPF_PROG_LOAD, NULL, 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 392] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 1 [pid 366] <... mmap resumed>) = 0x7f83826ea000 [pid 365] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] mprotect(0x7f83826eb000, 131072, PROT_READ|PROT_WRITE [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... mprotect resumed>) = 0 [pid 365] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 367] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 366] rt_sigprocmask(SIG_BLOCK, ~[], [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... sendto resumed>) = 28 [pid 366] <... rt_sigprocmask resumed>[], 8) = 0 [pid 392] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 367] recvfrom(3, [pid 366] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838270a990, parent_tid=0x7f838270a990, exit_signal=0, stack=0x7f83826ea000, stack_size=0x20240, tls=0x7f838270a6c0} [pid 392] <... socket resumed>) = 3 [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=365}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 367] recvfrom(3, [pid 366] <... clone3 resumed> => {parent_tid=[394]}, 88) = 394 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 367] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=365}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 366] rt_sigprocmask(SIG_SETMASK, [], [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 368] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 394 attached [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 1 [pid 366] futex(0x7f83827fd738, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 394] set_robust_list(0x7f838270a9a0, 24 [pid 392] bpf(BPF_MAP_CREATE, NULL, 72 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 368] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] <... futex resumed>) = 0 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 394] <... set_robust_list resumed>) = 0 [pid 392] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] futex(0x7f83827fd73c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 365] <... futex resumed>) = 0 [pid 394] rt_sigprocmask(SIG_SETMASK, [], [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 369] <... futex resumed>) = 0 [pid 367] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] <... umount2 resumed>) = 0 [pid 394] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 369] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 367] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 295] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 394] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 394] <... open resumed>) = 6 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 370] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 295] newfstatat(AT_FDCWD, "./2/file4", [pid 394] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000 [ 32.543776][ T370] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 32.550895][ T370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 32.556267][ T368] F2FS-fs (loop1): switch discard_unit option is not allowed [ 32.568735][ T370] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 392] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 370] <... futex resumed>) = 1 [pid 369] <... futex resumed>) = 0 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 394] <... futex resumed>) = 1 [pid 392] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 370] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] exit_group(0 [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 0 [pid 295] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 394] futex(0x7f83827fd738, FUTEX_WAIT_PRIVATE, 0, NULL [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 370] <... futex resumed>) = ? [pid 369] <... exit_group resumed>) = ? [pid 367] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 370] +++ exited with 0 +++ [pid 295] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 369] +++ exited with 0 +++ [pid 368] <... futex resumed>) = 0 [pid 367] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 366] <... futex resumed>) = 1 [pid 295] <... openat resumed>) = 4 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 368] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] newfstatat(4, "", [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=369, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 392] memfd_create("syzkaller", 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 368] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 367] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 392] <... memfd_create resumed>) = 4 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] getdents64(4, [pid 392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 368] <... futex resumed>) = 1 [pid 367] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 0 [pid 392] <... mmap resumed>) = 0x7f837a30b000 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 367] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 367] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 366] <... futex resumed>) = 0 [pid 368] sendfile(-1, -1, NULL, 281483568746501 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 368] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... sendto resumed>) = 28 [pid 368] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=366}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 368] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=366}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 365] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] getdents64(4, [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = 1 [pid 367] <... futex resumed>) = 0 [pid 366] <... futex resumed>) = 0 [pid 365] <... futex resumed>) = 1 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 367] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 367] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 366] <... futex resumed>) = 0 [pid 368] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 367] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 367] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 367] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] exit_group(0 [pid 393] <... futex resumed>) = ? [pid 368] <... futex resumed>) = 1 [pid 367] <... futex resumed>) = ? [pid 366] <... futex resumed>) = 0 [pid 365] <... exit_group resumed>) = ? [pid 295] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 393] +++ exited with 0 +++ [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 367] +++ exited with 0 +++ [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] +++ exited with 0 +++ [pid 295] close(4 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 295] <... close resumed>) = 0 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=365, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [pid 368] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 295] rmdir("./2/file4" [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 368] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 368] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 295] <... rmdir resumed>) = 0 [pid 368] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 368] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 366] <... futex resumed>) = 0 [pid 295] newfstatat(AT_FDCWD, "./2/binderfs", [pid 368] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 366] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 368] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 295] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 368] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] unlink("./2/binderfs" [pid 368] <... futex resumed>) = 1 [pid 366] <... futex resumed>) = 0 [pid 368] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 366] exit_group(0 [pid 295] <... unlink resumed>) = 0 [pid 394] <... futex resumed>) = ? [pid 368] <... futex resumed>) = ? [pid 366] <... exit_group resumed>) = ? [pid 295] getdents64(3, [pid 394] +++ exited with 0 +++ [pid 368] +++ exited with 0 +++ [pid 366] +++ exited with 0 +++ [pid 295] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=366, si_uid=0, si_status=0, si_utime=4, si_stime=24} --- [pid 295] <... close resumed>) = 0 [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 295] rmdir("./2") = 0 [pid 295] mkdir("./3", 0777) = 0 [pid 294] <... restart_syscall resumed>) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3 [pid 294] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 295] <... close resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 395 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... openat resumed>) = 3 [pid 293] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] newfstatat(3, "", [pid 293] <... openat resumed>) = 3 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] newfstatat(3, "", [pid 294] getdents64(3, [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] getdents64(3, [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 395 attached [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] <... restart_syscall resumed>) = 0 [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 292] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 395] set_robust_list(0x55557f749760, 24) = 0 [pid 395] chdir("./3") = 0 [pid 395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 395] setpgid(0, 0) = 0 [pid 395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 395] write(3, "1000", 4) = 4 [pid 395] close(3) = 0 [pid 395] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 395] write(1, "executing program\n", 18) = 18 [pid 395] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 395] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 395] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 395] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 395] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 395] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[396]}, 88) = 396 [pid 395] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 396 attached [pid 396] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 396] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 396] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 396] memfd_create("syzkaller", 0) = 4 [pid 396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 392] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./2/file4", [pid 293] newfstatat(AT_FDCWD, "./2/file4", [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 293] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] <... openat resumed>) = 4 [pid 293] <... openat resumed>) = 4 [pid 294] newfstatat(4, "", [pid 293] newfstatat(4, "", [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, [pid 293] getdents64(4, [pid 294] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, [pid 293] getdents64(4, [pid 294] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4 [pid 293] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] <... close resumed>) = 0 [pid 293] close(4 [pid 294] rmdir("./2/file4" [pid 293] <... close resumed>) = 0 [pid 294] <... rmdir resumed>) = 0 [pid 293] rmdir("./2/file4" [pid 294] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... rmdir resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] newfstatat(AT_FDCWD, "./2/binderfs", [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] newfstatat(AT_FDCWD, "./2/binderfs", [pid 294] unlink("./2/binderfs" [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] <... unlink resumed>) = 0 [pid 293] unlink("./2/binderfs" [pid 294] getdents64(3, [pid 293] <... unlink resumed>) = 0 [pid 294] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3 [pid 293] getdents64(3, [pid 294] <... close resumed>) = 0 [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] rmdir("./2" [pid 293] close(3 [pid 294] <... rmdir resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 294] mkdir("./3", 0777 [pid 293] rmdir("./2" [pid 294] <... mkdir resumed>) = 0 [pid 293] <... rmdir resumed>) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 293] mkdir("./3", 0777 [pid 294] <... openat resumed>) = 3 [pid 293] <... mkdir resumed>) = 0 [pid 294] ioctl(3, LOOP_CLR_FD [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] close(3 [pid 293] <... openat resumed>) = 3 [pid 294] <... close resumed>) = 0 [pid 293] ioctl(3, LOOP_CLR_FD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 293] close(3 [pid 294] <... clone resumed>, child_tidptr=0x55557f749750) = 397 [pid 293] <... close resumed>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 398 ./strace-static-x86_64: Process 397 attached [pid 397] set_robust_list(0x55557f749760, 24) = 0 [pid 397] chdir("./3") = 0 [pid 397] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 398 attached [pid 398] set_robust_list(0x55557f749760, 24) = 0 [pid 397] <... prctl resumed>) = 0 [pid 398] chdir("./3") = 0 [pid 397] setpgid(0, 0 [pid 398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 398] setpgid(0, 0) = 0 [pid 397] <... setpgid resumed>) = 0 [pid 397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 398] write(3, "1000", 4) = 4 [pid 398] close(3) = 0 [pid 398] symlink("/dev/binderfs", "./binderfs" [pid 397] <... openat resumed>) = 3 executing program [pid 398] <... symlink resumed>) = 0 [pid 398] write(1, "executing program\n", 18) = 18 [pid 398] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 398] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 397] write(3, "1000", 4 [pid 398] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 397] <... write resumed>) = 4 [pid 398] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 397] close(3) = 0 [pid 398] <... clone3 resumed> => {parent_tid=[399]}, 88) = 399 [pid 398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] symlink("/dev/binderfs", "./binderfs") = 0 [pid 397] write(1, "executing program\n", 18executing program ) = 18 [pid 397] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 397] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 397] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 397] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 397] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 397] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[400]}, 88) = 400 [pid 397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 399 attached [pid 399] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 399] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 ./strace-static-x86_64: Process 400 attached [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] set_robust_list(0x7f838272b9a0, 24 [pid 398] <... futex resumed>) = 0 [pid 400] <... set_robust_list resumed>) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 400] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 400] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 400] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] <... futex resumed>) = 0 [pid 400] bpf(BPF_PROG_LOAD, NULL, 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] bpf(BPF_MAP_CREATE, NULL, 0 [pid 397] <... futex resumed>) = 0 [pid 400] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 400] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] <... futex resumed>) = 0 [pid 400] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... socket resumed>) = 3 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 400] bpf(BPF_MAP_CREATE, NULL, 72 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 397] <... futex resumed>) = 0 [pid 400] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 399] bpf(BPF_MAP_CREATE, NULL, 0 [pid 400] memfd_create("syzkaller", 0 [pid 399] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 400] <... memfd_create resumed>) = 4 [pid 400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 396] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 398] <... futex resumed>) = 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... futex resumed>) = 0 [pid 399] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] bpf(BPF_PROG_LOAD, NULL, 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... socket resumed>) = 3 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] bpf(BPF_MAP_CREATE, NULL, 72 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] memfd_create("syzkaller", 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... memfd_create resumed>) = 4 [pid 398] <... futex resumed>) = 0 [pid 399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 399] <... mmap resumed>) = 0x7f837a30b000 [pid 392] <... write resumed>) = 20699119 [pid 392] munmap(0x7f837a30b000, 138412032) = 0 [pid 392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 392] ioctl(5, LOOP_SET_FD, 4 [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 292] rmdir("./2/file4") = 0 [pid 292] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./2/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./2") = 0 [pid 292] mkdir("./3", 0777) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 401 [pid 392] <... ioctl resumed>) = 0 [pid 392] close(4) = 0 [pid 392] close(5) = 0 [pid 392] mkdir("./file4", 0777) = 0 [pid 392] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"..../strace-static-x86_64: Process 401 attached [pid 401] set_robust_list(0x55557f749760, 24) = 0 [ 32.935295][ T392] loop0: detected capacity change from 0 to 40427 [ 32.964628][ T392] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 401] chdir("./3") = 0 [pid 401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 401] setpgid(0, 0) = 0 [pid 401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 401] write(3, "1000", 4) = 4 [pid 401] close(3) = 0 [pid 401] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 401] write(1, "executing program\n", 18) = 18 [pid 401] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 401] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 401] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 401] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 401] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[402]}, 88) = 402 [pid 401] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 402 attached [pid 402] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 402] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 402] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... futex resumed>) = 0 [pid 402] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] bpf(BPF_PROG_LOAD, NULL, 0 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 402] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... socket resumed>) = 3 [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] <... futex resumed>) = 0 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 402] bpf(BPF_MAP_CREATE, NULL, 72 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] <... futex resumed>) = 0 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] <... futex resumed>) = 0 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] memfd_create("syzkaller", 0 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 402] <... memfd_create resumed>) = 4 [pid 402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 32.989627][ T392] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 33.008804][ T392] F2FS-fs (loop0): fault_injection options not supported [ 33.026376][ T392] F2FS-fs (loop0): fault_type options not supported [ 33.033957][ T392] F2FS-fs (loop0): invalid crc value [ 33.071746][ T392] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 400] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 396] <... write resumed>) = 20699119 [pid 396] munmap(0x7f837a30b000, 138412032) = 0 [pid 396] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 396] ioctl(5, LOOP_SET_FD, 4 [pid 392] <... mount resumed>) = 0 [pid 392] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 392] chdir("./file4") = 0 [pid 392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 392] ioctl(5, LOOP_CLR_FD) = 0 [pid 392] close(5) = 0 [pid 399] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = 0 [pid 390] <... futex resumed>) = 1 [pid 392] fspick(AT_FDCWD, ".", 0) = 5 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 392] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 33.140380][ T392] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 33.150176][ T392] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 33.152218][ T396] loop4: detected capacity change from 0 to 40427 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 396] <... ioctl resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] close(4 [pid 392] <... futex resumed>) = 1 [pid 390] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... close resumed>) = 0 [pid 392] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 396] close(5) = 0 [pid 392] <... open resumed>) = 6 [pid 396] mkdir("./file4", 0777 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 396] <... mkdir resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 392] <... futex resumed>) = 1 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 392] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... sendto resumed>) = 28 [pid 390] <... futex resumed>) = 0 [pid 392] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=390}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=390}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 390] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 392] <... futex resumed>) = 0 [pid 390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 392] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 392] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 392] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 392] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 390] <... futex resumed>) = 0 [pid 392] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 390] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 392] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 392] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 390] <... futex resumed>) = 0 [pid 392] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 390] exit_group(0 [pid 392] <... futex resumed>) = ? [pid 390] <... exit_group resumed>) = ? [pid 392] +++ exited with 0 +++ [pid 390] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=390, si_uid=0, si_status=0, si_utime=8, si_stime=20} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 400] <... write resumed>) = 20699119 [pid 400] munmap(0x7f837a30b000, 138412032) = 0 [pid 400] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [ 33.184853][ T392] F2FS-fs (loop0): switch discard_unit option is not allowed [ 33.219619][ T396] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 400] ioctl(5, LOOP_SET_FD, 4 [pid 291] <... restart_syscall resumed>) = 0 [pid 291] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 400] <... ioctl resumed>) = 0 [pid 400] close(4) = 0 [pid 400] close(5) = 0 [pid 400] mkdir("./file4", 0777) = 0 [pid 400] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 33.235714][ T400] loop3: detected capacity change from 0 to 40427 [ 33.240551][ T396] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 33.263128][ T400] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 33.280101][ T400] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 33.283229][ T396] F2FS-fs (loop4): fault_injection options not supported [ 33.297466][ T400] F2FS-fs (loop3): fault_injection options not supported [ 33.314565][ T400] F2FS-fs (loop3): fault_type options not supported [ 33.327336][ T396] F2FS-fs (loop4): fault_type options not supported [ 33.334590][ T400] F2FS-fs (loop3): invalid crc value [ 33.351424][ T400] F2FS-fs (loop3): Found nat_bits in checkpoint [ 33.358705][ T396] F2FS-fs (loop4): invalid crc value [pid 402] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 399] <... write resumed>) = 20699119 [pid 399] munmap(0x7f837a30b000, 138412032) = 0 [pid 399] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 402] <... write resumed>) = 20699119 [pid 399] <... openat resumed>) = 5 [pid 399] ioctl(5, LOOP_SET_FD, 4 [pid 402] munmap(0x7f837a30b000, 138412032) = 0 [pid 402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 402] ioctl(5, LOOP_SET_FD, 4 [pid 399] <... ioctl resumed>) = 0 [pid 399] close(4) = 0 [pid 399] close(5) = 0 [pid 399] mkdir("./file4", 0777) = 0 [pid 399] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 402] <... ioctl resumed>) = 0 [ 33.400411][ T396] F2FS-fs (loop4): Found nat_bits in checkpoint [ 33.418352][ T399] loop2: detected capacity change from 0 to 40427 [ 33.428371][ T402] loop1: detected capacity change from 0 to 40427 [ 33.435830][ T400] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 33.443822][ T399] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 402] close(4) = 0 [pid 402] close(5) = 0 [pid 402] mkdir("./file4", 0777) = 0 [pid 402] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 400] <... mount resumed>) = 0 [ 33.453233][ T400] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 33.463319][ T402] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 33.482319][ T402] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 33.482357][ T399] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 400] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 400] chdir("./file4") = 0 [pid 400] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 400] ioctl(5, LOOP_CLR_FD) = 0 [pid 400] close(5) = 0 [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./3/file4") = 0 [pid 291] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./3/binderfs") = 0 [pid 291] getdents64(3, [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 400] <... futex resumed>) = 1 [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] fspick(AT_FDCWD, ".", 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... fspick resumed>) = 5 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 397] <... futex resumed>) = 1 [pid 400] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] rmdir("./3") = 0 [pid 291] mkdir("./4", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3 [pid 400] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 397] <... futex resumed>) = 0 [pid 400] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... open resumed>) = 6 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 397] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 0 [pid 400] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 291] <... close resumed>) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 415 ./strace-static-x86_64: Process 415 attached [pid 415] set_robust_list(0x55557f749760, 24) = 0 [pid 415] chdir("./4") = 0 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 415] setpgid(0, 0) = 0 [pid 415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 415] write(3, "1000", 4) = 4 [pid 415] close(3) = 0 [pid 415] symlink("/dev/binderfs", "./binderfs") = 0 [pid 415] write(1, "executing program\n", 18executing program ) = 18 [pid 415] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 415] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 415] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 415] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 415] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 415] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[416]}, 88) = 416 [pid 415] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 416 attached [ 33.491096][ T402] F2FS-fs (loop1): fault_injection options not supported [ 33.509669][ T402] F2FS-fs (loop1): fault_type options not supported [ 33.526264][ T400] F2FS-fs (loop3): switch discard_unit option is not allowed [ 33.541691][ T402] F2FS-fs (loop1): invalid crc value [pid 416] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 416] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 416] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 1 [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] sendfile(-1, -1, NULL, 281483568746501 [pid 415] <... futex resumed>) = 0 [pid 400] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 400] <... futex resumed>) = 1 [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... futex resumed>) = 1 [pid 416] memfd_create("syzkaller", 0) = 4 [pid 416] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 400] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 400] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=397}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 396] <... mount resumed>) = 0 [pid 400] recvfrom(3, [pid 396] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 400] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=397}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 396] <... openat resumed>) = 4 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] chdir("./file4" [pid 400] <... futex resumed>) = 1 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = 0 [pid 396] <... chdir resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 396] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 400] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 396] <... openat resumed>) = 5 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] ioctl(5, LOOP_CLR_FD [pid 400] <... futex resumed>) = 1 [pid 396] <... ioctl resumed>) = 0 [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 396] close(5 [pid 397] <... futex resumed>) = 0 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 400] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 396] <... close resumed>) = 0 [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 1 [pid 397] <... futex resumed>) = 0 [pid 396] <... futex resumed>) = 1 [pid 395] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 400] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 397] <... futex resumed>) = 0 [pid 396] fspick(AT_FDCWD, ".", 0 [pid 395] <... futex resumed>) = 0 [pid 400] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 396] <... fspick resumed>) = 5 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 396] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 397] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 395] <... futex resumed>) = 0 [ 33.548177][ T396] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 33.555986][ T399] F2FS-fs (loop2): fault_injection options not supported [ 33.565117][ T396] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 33.573218][ T399] F2FS-fs (loop2): fault_type options not supported [ 33.581582][ T399] F2FS-fs (loop2): invalid crc value [ 33.588438][ T402] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 397] <... futex resumed>) = 1 [pid 397] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 0 [pid 400] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 400] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 397] <... futex resumed>) = 0 [pid 400] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 397] exit_group(0 [pid 400] <... futex resumed>) = ? [pid 397] <... exit_group resumed>) = ? [pid 400] +++ exited with 0 +++ [pid 397] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=397, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 396] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] <... futex resumed>) = 0 [pid 396] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] <... futex resumed>) = 0 [pid 396] sendfile(-1, -1, NULL, 281483568746501 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] <... futex resumed>) = 0 [pid 396] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... sendto resumed>) = 28 [pid 396] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=395}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 396] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=395}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] <... futex resumed>) = 0 [pid 396] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 396] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = 0 [pid 395] <... futex resumed>) = 1 [pid 396] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 396] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] <... futex resumed>) = 0 [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = 0 [pid 395] <... futex resumed>) = 1 [pid 396] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 396] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 395] <... futex resumed>) = 0 [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 395] <... futex resumed>) = 0 [pid 396] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 395] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 396] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 395] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 396] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 395] exit_group(0 [pid 396] <... futex resumed>) = ? [pid 395] <... exit_group resumed>) = ? [pid 396] +++ exited with 0 +++ [pid 395] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=395, si_uid=0, si_status=0, si_utime=6, si_stime=24} --- [ 33.605944][ T396] F2FS-fs (loop4): switch discard_unit option is not allowed [ 33.624323][ T399] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 295] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 402] <... mount resumed>) = 0 [pid 402] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 402] chdir("./file4") = 0 [pid 402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 402] ioctl(5, LOOP_CLR_FD) = 0 [pid 402] close(5) = 0 [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 402] fspick(AT_FDCWD, ".", 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... fspick resumed>) = 5 [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 401] <... futex resumed>) = 0 [ 33.694170][ T402] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 33.704985][ T402] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 416] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 402] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... open resumed>) = 6 [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] sendfile(-1, -1, NULL, 281483568746501 [pid 401] <... futex resumed>) = 0 [pid 402] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] <... futex resumed>) = 0 [pid 402] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... sendto resumed>) = 28 [pid 401] <... futex resumed>) = 0 [pid 402] recvfrom(3, [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=401}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 402] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=401}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 402] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 401] <... futex resumed>) = 0 [pid 402] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 401] <... futex resumed>) = 0 [pid 402] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] <... futex resumed>) = 0 [pid 401] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 402] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 401] <... futex resumed>) = 0 [pid 402] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 401] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 402] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 402] <... futex resumed>) = 0 [pid 402] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] exit_group(0 [pid 402] <... futex resumed>) = ? [pid 401] <... exit_group resumed>) = ? [pid 402] +++ exited with 0 +++ [pid 401] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=401, si_uid=0, si_status=0, si_utime=3, si_stime=21} --- [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 399] <... mount resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 292] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 399] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 399] chdir("./file4") = 0 [pid 399] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 399] ioctl(5, LOOP_CLR_FD) = 0 [pid 399] close(5) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] fspick(AT_FDCWD, ".", 0 [pid 398] <... futex resumed>) = 0 [pid 399] <... fspick resumed>) = 5 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] <... futex resumed>) = 0 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 398] <... futex resumed>) = 0 [ 33.734939][ T402] F2FS-fs (loop1): switch discard_unit option is not allowed [ 33.742812][ T399] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 33.757747][ T399] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... open resumed>) = 6 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] <... futex resumed>) = 0 [pid 399] <... futex resumed>) = 1 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 398] <... futex resumed>) = 0 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 398] <... futex resumed>) = 0 [pid 399] sendfile(-1, -1, NULL, 281483568746501 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 398] <... futex resumed>) = 0 [pid 399] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... sendto resumed>) = 28 [pid 399] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=398}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 399] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=398}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 398] <... futex resumed>) = 0 [pid 399] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] <... futex resumed>) = 0 [pid 399] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 398] <... futex resumed>) = 0 [pid 399] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 399] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 398] <... futex resumed>) = 0 [pid 399] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 398] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 399] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 399] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 398] <... futex resumed>) = 0 [pid 399] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] exit_group(0 [pid 399] <... futex resumed>) = ? [pid 398] <... exit_group resumed>) = ? [pid 399] +++ exited with 0 +++ [pid 398] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=398, si_uid=0, si_status=0, si_utime=5, si_stime=20} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] <... umount2 resumed>) = 0 [pid 293] newfstatat(3, "", [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] getdents64(3, [pid 294] newfstatat(AT_FDCWD, "./3/file4", [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 33.796038][ T399] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./3/file4") = 0 [pid 294] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./3/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./3") = 0 [pid 294] mkdir("./4", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 425 ./strace-static-x86_64: Process 425 attached [pid 425] set_robust_list(0x55557f749760, 24) = 0 [pid 425] chdir("./4") = 0 [pid 425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 425] setpgid(0, 0) = 0 [pid 425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 425] write(3, "1000", 4) = 4 [pid 425] close(3) = 0 [pid 425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 425] write(1, "executing program\n", 18executing program ) = 18 [pid 425] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 425] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 425] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 425] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[426]}, 88) = 426 [pid 425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 426 attached [pid 426] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 426] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] bpf(BPF_MAP_CREATE, NULL, 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] <... futex resumed>) = 0 [pid 426] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 426] bpf(BPF_PROG_LOAD, NULL, 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 425] <... futex resumed>) = 0 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] bpf(BPF_PROG_LOAD, NULL, 0 [pid 425] <... futex resumed>) = 0 [pid 426] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 295] <... umount2 resumed>) = 0 [pid 426] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 426] <... socket resumed>) = 3 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 295] newfstatat(AT_FDCWD, "./3/file4", [pid 426] bpf(BPF_MAP_CREATE, NULL, 72 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] <... futex resumed>) = 0 [pid 295] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 295] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 426] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 295] <... openat resumed>) = 4 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] <... futex resumed>) = 0 [pid 295] newfstatat(4, "", [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 426] memfd_create("syzkaller", 0 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 426] <... memfd_create resumed>) = 4 [pid 295] getdents64(4, [pid 426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 426] <... mmap resumed>) = 0x7f837a30b000 [pid 295] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 295] close(4) = 0 [pid 295] rmdir("./3/file4") = 0 [pid 295] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./3/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./3") = 0 [pid 295] mkdir("./4", 0777) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 427 ./strace-static-x86_64: Process 427 attached [pid 427] set_robust_list(0x55557f749760, 24) = 0 [pid 427] chdir("./4") = 0 [pid 427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 427] setpgid(0, 0) = 0 [pid 427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 427] write(3, "1000", 4) = 4 [pid 427] close(3) = 0 [pid 427] symlink("/dev/binderfs", "./binderfs") = 0 [pid 427] write(1, "executing program\n", 18executing program ) = 18 [pid 427] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 427] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 427] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 427] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 427] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 427] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[428]}, 88) = 428 [pid 427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 428 attached [pid 428] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 428] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 428] <... futex resumed>) = 1 [pid 428] memfd_create("syzkaller", 0) = 4 [pid 428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 416] <... write resumed>) = 20699119 [pid 416] munmap(0x7f837a30b000, 138412032) = 0 [pid 416] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 416] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 416] close(4) = 0 [pid 416] close(5) = 0 [pid 416] mkdir("./file4", 0777 [pid 292] <... umount2 resumed>) = 0 [pid 416] <... mkdir resumed>) = 0 [pid 416] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 292] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 292] rmdir("./3/file4") = 0 [pid 292] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./3/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./3") = 0 [pid 292] mkdir("./4", 0777) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 429 ./strace-static-x86_64: Process 429 attached [pid 429] set_robust_list(0x55557f749760, 24) = 0 [pid 429] chdir("./4") = 0 [pid 429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 429] setpgid(0, 0) = 0 [ 34.023455][ T416] loop0: detected capacity change from 0 to 40427 [ 34.053454][ T416] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 34.060603][ T416] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 429] write(3, "1000", 4) = 4 [pid 429] close(3) = 0 [pid 429] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 429] write(1, "executing program\n", 18) = 18 [pid 429] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 429] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 429] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 429] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 429] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 429] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[430]}, 88) = 430 [pid 429] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 430 attached [pid 430] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 430] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 430] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] memfd_create("syzkaller", 0) = 4 [pid 430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./3/file4") = 0 [pid 293] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./3/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./3" [pid 426] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... rmdir resumed>) = 0 [pid 293] mkdir("./4", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 432 ./strace-static-x86_64: Process 432 attached [pid 432] set_robust_list(0x55557f749760, 24) = 0 [pid 432] chdir("./4") = 0 [pid 432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 432] setpgid(0, 0) = 0 [pid 432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 432] write(3, "1000", 4) = 4 [pid 432] close(3) = 0 [pid 432] symlink("/dev/binderfs", "./binderfs") = 0 [pid 432] write(1, "executing program\n", 18executing program ) = 18 [pid 432] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 432] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 432] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 432] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 432] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[435]}, 88) = 435 [pid 432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 34.093888][ T416] F2FS-fs (loop0): fault_injection options not supported [ 34.101267][ T416] F2FS-fs (loop0): fault_type options not supported [ 34.120011][ T416] F2FS-fs (loop0): invalid crc value [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 435 attached [pid 435] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 435] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 435] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... futex resumed>) = 0 [pid 435] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] bpf(BPF_PROG_LOAD, NULL, 0 [pid 432] <... futex resumed>) = 0 [pid 435] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... futex resumed>) = 0 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] bpf(BPF_PROG_LOAD, NULL, 0 [pid 432] <... futex resumed>) = 0 [pid 435] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = 0 [pid 432] <... futex resumed>) = 1 [pid 435] bpf(BPF_MAP_CREATE, NULL, 0 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] bpf(BPF_PROG_LOAD, NULL, 0 [pid 432] <... futex resumed>) = 0 [pid 435] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 435] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... socket resumed>) = 3 [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 435] bpf(BPF_MAP_CREATE, NULL, 72 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 435] memfd_create("syzkaller", 0) = 4 [pid 435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 34.156246][ T416] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 428] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 426] <... write resumed>) = 20699119 [pid 430] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 416] <... mount resumed>) = 0 [pid 426] munmap(0x7f837a30b000, 138412032 [pid 416] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 426] <... munmap resumed>) = 0 [pid 416] chdir("./file4" [pid 426] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 416] <... chdir resumed>) = 0 [pid 426] <... openat resumed>) = 5 [pid 416] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 426] ioctl(5, LOOP_SET_FD, 4 [pid 416] <... openat resumed>) = 5 [pid 416] ioctl(5, LOOP_CLR_FD) = 0 [pid 416] close(5) = 0 [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 416] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] fspick(AT_FDCWD, ".", 0) = 5 [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 34.272785][ T416] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 34.289748][ T416] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 34.306125][ T426] loop3: detected capacity change from 0 to 40427 [pid 416] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... ioctl resumed>) = 0 [pid 416] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] close(4 [pid 416] <... futex resumed>) = 1 [pid 426] <... close resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 426] close(5) = 0 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 416] <... futex resumed>) = 0 [pid 426] mkdir("./file4", 0777 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] sendfile(-1, -1, NULL, 281483568746501 [pid 426] <... mkdir resumed>) = 0 [pid 416] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 416] <... futex resumed>) = 1 [pid 415] <... futex resumed>) = 0 [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 416] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=415}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 416] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=415}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... futex resumed>) = 0 [pid 415] <... futex resumed>) = 1 [pid 416] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 416] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 415] <... futex resumed>) = 0 [pid 416] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 416] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 415] <... futex resumed>) = 0 [pid 416] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 416] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 416] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 415] <... futex resumed>) = 0 [pid 416] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 415] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 416] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 416] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 415] <... futex resumed>) = 0 [pid 416] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 415] exit_group(0 [pid 416] <... futex resumed>) = ? [pid 415] <... exit_group resumed>) = ? [pid 416] +++ exited with 0 +++ [pid 415] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=415, si_uid=0, si_status=0, si_utime=6, si_stime=25} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 34.330143][ T416] F2FS-fs (loop0): switch discard_unit option is not allowed [ 34.363075][ T426] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 291] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 428] <... write resumed>) = 20699119 [pid 428] munmap(0x7f837a30b000, 138412032) = 0 [pid 428] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 428] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 428] close(4 [pid 435] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 428] <... close resumed>) = 0 [ 34.389589][ T426] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 34.414475][ T428] loop4: detected capacity change from 0 to 40427 [ 34.424068][ T426] F2FS-fs (loop3): fault_injection options not supported [pid 428] close(5) = 0 [pid 428] mkdir("./file4", 0777) = 0 [ 34.434437][ T426] F2FS-fs (loop3): fault_type options not supported [ 34.453881][ T426] F2FS-fs (loop3): invalid crc value [ 34.456587][ T428] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 34.483919][ T426] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 428] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 430] <... write resumed>) = 20699119 [pid 430] munmap(0x7f837a30b000, 138412032) = 0 [pid 430] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 430] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 430] close(4) = 0 [pid 430] close(5) = 0 [pid 430] mkdir("./file4", 0777) = 0 [ 34.490300][ T428] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 34.521434][ T428] F2FS-fs (loop4): fault_injection options not supported [ 34.529621][ T430] loop1: detected capacity change from 0 to 40427 [pid 430] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 435] <... write resumed>) = 20699119 [pid 435] munmap(0x7f837a30b000, 138412032) = 0 [pid 435] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [ 34.554317][ T428] F2FS-fs (loop4): fault_type options not supported [ 34.561663][ T430] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 34.572232][ T426] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 34.573779][ T430] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 34.581404][ T426] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 34.596966][ T428] F2FS-fs (loop4): invalid crc value [pid 435] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 435] close(4) = 0 [pid 435] close(5) = 0 [pid 435] mkdir("./file4", 0777) = 0 [pid 426] <... mount resumed>) = 0 [pid 435] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 426] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 426] chdir("./file4") = 0 [pid 426] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 426] ioctl(5, LOOP_CLR_FD) = 0 [pid 426] close(5) = 0 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 426] <... futex resumed>) = 0 [pid 426] fspick(AT_FDCWD, ".", 0) = 5 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 34.597700][ T435] loop2: detected capacity change from 0 to 40427 [ 34.608837][ T430] F2FS-fs (loop1): fault_injection options not supported [ 34.612714][ T435] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 34.628696][ T426] F2FS-fs (loop3): switch discard_unit option is not allowed [ 34.646987][ T430] F2FS-fs (loop1): fault_type options not supported [pid 426] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 291] <... umount2 resumed>) = 0 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 291] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 426] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 291] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 426] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 426] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... openat resumed>) = 4 [pid 426] <... futex resumed>) = 1 [pid 425] <... futex resumed>) = 0 [pid 291] newfstatat(4, "", [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] <... futex resumed>) = 0 [pid 426] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 291] getdents64(4, [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] getdents64(4, [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 291] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 426] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] close(4 [pid 426] <... sendto resumed>) = 28 [pid 426] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=425}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 291] <... close resumed>) = 0 [pid 426] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=425}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 291] rmdir("./4/file4" [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = 0 [pid 291] <... rmdir resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 426] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] newfstatat(AT_FDCWD, "./4/binderfs", [pid 426] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 291] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = 0 [pid 291] unlink("./4/binderfs" [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... unlink resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] <... futex resumed>) = 0 [pid 426] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 291] getdents64(3, [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] close(3 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 291] <... close resumed>) = 0 [pid 426] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 291] rmdir("./4" [pid 426] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 291] <... rmdir resumed>) = 0 [pid 425] <... futex resumed>) = 0 [pid 425] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] mkdir("./5", 0777 [pid 426] <... futex resumed>) = 0 [pid 425] <... futex resumed>) = 1 [pid 426] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 426] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 425] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 291] <... mkdir resumed>) = 0 [pid 425] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 425] exit_group(0 [pid 291] <... openat resumed>) = 3 [pid 426] <... futex resumed>) = ? [pid 425] <... exit_group resumed>) = ? [pid 291] ioctl(3, LOOP_CLR_FD [pid 426] +++ exited with 0 +++ [pid 425] +++ exited with 0 +++ [pid 291] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=425, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 291] close(3 [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 291] <... close resumed>) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 447 [ 34.650305][ T435] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 34.658317][ T428] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.671900][ T430] F2FS-fs (loop1): invalid crc value [ 34.677613][ T435] F2FS-fs (loop2): fault_injection options not supported [ 34.694058][ T435] F2FS-fs (loop2): fault_type options not supported [pid 294] <... restart_syscall resumed>) = 0 [pid 294] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 447 attached [pid 447] set_robust_list(0x55557f749760, 24) = 0 [pid 447] chdir("./5") = 0 [pid 447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 447] setpgid(0, 0) = 0 [pid 447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 447] write(3, "1000", 4) = 4 [pid 447] close(3) = 0 [pid 447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 447] write(1, "executing program\n", 18executing program ) = 18 [pid 447] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 447] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 447] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 447] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 447] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 447] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[448]}, 88) = 448 [pid 447] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 448 attached [pid 448] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 448] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 448] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] bpf(BPF_MAP_CREATE, NULL, 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] bpf(BPF_PROG_LOAD, NULL, 0 [pid 447] <... futex resumed>) = 0 [pid 448] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... futex resumed>) = 0 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] bpf(BPF_MAP_CREATE, NULL, 0 [pid 447] <... futex resumed>) = 0 [pid 448] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] <... futex resumed>) = 0 [pid 448] bpf(BPF_PROG_LOAD, NULL, 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 447] <... futex resumed>) = 0 [pid 448] <... socket resumed>) = 3 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] <... futex resumed>) = 0 [pid 448] bpf(BPF_MAP_CREATE, NULL, 72 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... futex resumed>) = 0 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] memfd_create("syzkaller", 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 448] <... memfd_create resumed>) = 4 [pid 448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 34.711691][ T430] F2FS-fs (loop1): Found nat_bits in checkpoint [ 34.723587][ T435] F2FS-fs (loop2): invalid crc value [pid 430] <... mount resumed>) = 0 [pid 430] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 430] chdir("./file4") = 0 [pid 430] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 430] ioctl(5, LOOP_CLR_FD) = 0 [pid 430] close(5) = 0 [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] fspick(AT_FDCWD, ".", 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... fspick resumed>) = 5 [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 34.767408][ T430] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 34.774973][ T428] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 34.783519][ T430] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 34.792020][ T435] F2FS-fs (loop2): Found nat_bits in checkpoint [ 34.800246][ T428] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 430] <... futex resumed>) = 1 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 429] <... futex resumed>) = 0 [pid 430] <... open resumed>) = 6 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 430] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 429] <... futex resumed>) = 0 [pid 430] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 430] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] sendfile(-1, -1, NULL, 281483568746501 [pid 429] <... futex resumed>) = 0 [pid 430] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 430] <... futex resumed>) = 0 [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 429] <... futex resumed>) = 0 [pid 430] <... sendto resumed>) = 28 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=429}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 430] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=429}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 430] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 430] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 429] <... futex resumed>) = 0 [pid 430] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 429] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 430] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 430] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 429] <... futex resumed>) = 0 [pid 430] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] exit_group(0 [pid 430] <... futex resumed>) = ? [pid 429] <... exit_group resumed>) = ? [pid 430] +++ exited with 0 +++ [pid 429] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=429, si_uid=0, si_status=0, si_utime=3, si_stime=20} --- [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 428] <... mount resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 292] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 34.815141][ T430] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 292] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 448] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 428] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 428] chdir("./file4") = 0 [pid 428] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 428] ioctl(5, LOOP_CLR_FD) = 0 [pid 428] close(5) = 0 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] <... futex resumed>) = 0 [pid 428] fspick(AT_FDCWD, ".", 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... fspick resumed>) = 5 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... futex resumed>) = 0 [pid 428] <... futex resumed>) = 1 [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 427] <... futex resumed>) = 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... open resumed>) = 6 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 0 [pid 427] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] sendfile(-1, -1, NULL, 281483568746501 [pid 427] <... futex resumed>) = 0 [pid 428] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... futex resumed>) = 0 [pid 427] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 427] <... futex resumed>) = 0 [pid 428] <... sendto resumed>) = 28 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=427}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 428] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=427}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] <... futex resumed>) = 0 [pid 428] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 428] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] <... futex resumed>) = 0 [pid 428] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 428] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] <... futex resumed>) = 0 [pid 428] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 428] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] <... futex resumed>) = 0 [pid 428] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 427] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 428] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 428] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 427] <... futex resumed>) = 0 [pid 428] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 427] exit_group(0 [pid 428] <... futex resumed>) = ? [pid 427] <... exit_group resumed>) = ? [pid 428] +++ exited with 0 +++ [ 34.850293][ T292] bio_check_eod: 12 callbacks suppressed [ 34.850312][ T292] syz-executor130: attempt to access beyond end of device [ 34.850312][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 34.878681][ T428] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 427] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=427, si_uid=0, si_status=0, si_utime=2, si_stime=19} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 295] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 435] <... mount resumed>) = 0 [pid 435] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 435] chdir("./file4") = 0 [pid 435] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 435] ioctl(5, LOOP_CLR_FD) = 0 [pid 435] close(5) = 0 [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 435] fspick(AT_FDCWD, ".", 0 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... fspick resumed>) = 5 [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 435] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 34.937853][ T295] syz-executor130: attempt to access beyond end of device [ 34.937853][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 34.963027][ T435] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 34.973791][ T435] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 435] <... futex resumed>) = 1 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... write resumed>) = 20699119 [pid 435] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 432] <... futex resumed>) = 0 [pid 435] <... open resumed>) = 6 [pid 448] munmap(0x7f837a30b000, 138412032 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 432] <... futex resumed>) = 0 [pid 435] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] sendfile(-1, -1, NULL, 281483568746501 [pid 432] <... futex resumed>) = 0 [pid 435] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 432] <... futex resumed>) = 0 [pid 435] <... sendto resumed>) = 28 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=432}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 448] <... munmap resumed>) = 0 [pid 435] recvfrom(3, [pid 448] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 435] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=432}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 448] <... openat resumed>) = 5 [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] ioctl(5, LOOP_SET_FD, 4 [pid 435] <... futex resumed>) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 432] <... futex resumed>) = 0 [pid 435] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... umount2 resumed>) = 0 [pid 435] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 432] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 432] <... futex resumed>) = 0 [pid 435] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 432] <... futex resumed>) = 0 [pid 435] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 432] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 432] <... futex resumed>) = 0 [pid 435] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 432] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 435] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 435] <... futex resumed>) = 0 [pid 435] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 432] exit_group(0 [pid 435] <... futex resumed>) = ? [pid 432] <... exit_group resumed>) = ? [pid 435] +++ exited with 0 +++ [pid 432] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=432, si_uid=0, si_status=0, si_utime=5, si_stime=21} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./4/file4") = 0 [pid 293] <... restart_syscall resumed>) = 0 [pid 294] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 448] <... ioctl resumed>) = 0 [pid 448] close(4 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 448] <... close resumed>) = 0 [pid 294] newfstatat(AT_FDCWD, "./4/binderfs", [pid 293] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 448] close(5 [pid 294] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 448] <... close resumed>) = 0 [pid 294] unlink("./4/binderfs" [pid 293] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 448] mkdir("./file4", 0777 [pid 294] <... unlink resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 448] <... mkdir resumed>) = 0 [pid 294] getdents64(3, [ 35.004993][ T435] F2FS-fs (loop2): switch discard_unit option is not allowed [ 35.027138][ T448] loop0: detected capacity change from 0 to 40427 [pid 293] newfstatat(3, "", [pid 448] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] close(3 [pid 293] getdents64(3, [pid 294] <... close resumed>) = 0 [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] rmdir("./4" [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... rmdir resumed>) = 0 [pid 294] mkdir("./5", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 455 ./strace-static-x86_64: Process 455 attached [pid 455] set_robust_list(0x55557f749760, 24) = 0 [pid 455] chdir("./5") = 0 [pid 455] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 455] setpgid(0, 0) = 0 [pid 455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 455] write(3, "1000", 4) = 4 [pid 455] close(3) = 0 [pid 455] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 455] write(1, "executing program\n", 18) = 18 [pid 455] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 455] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 455] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 455] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 455] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 455] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[456]}, 88) = 456 [pid 455] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 456 attached [pid 456] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 456] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 456] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 35.058192][ T448] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 35.067199][ T293] syz-executor130: attempt to access beyond end of device [ 35.067199][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.074025][ T448] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 456] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 0 [pid 456] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 456] memfd_create("syzkaller", 0) = 4 [pid 456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 35.113056][ T448] F2FS-fs (loop0): fault_injection options not supported [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 292] rmdir("./4/file4") = 0 [pid 292] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./4/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./4") = 0 [pid 292] mkdir("./5", 0777) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 457 ./strace-static-x86_64: Process 457 attached [pid 457] set_robust_list(0x55557f749760, 24) = 0 [pid 457] chdir("./5") = 0 [pid 457] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 457] setpgid(0, 0) = 0 [pid 457] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 457] write(3, "1000", 4) = 4 [pid 457] close(3) = 0 [pid 457] symlink("/dev/binderfs", "./binderfs") = 0 [pid 457] write(1, "executing program\n", 18executing program ) = 18 [pid 457] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 457] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 457] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 457] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 457] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 457] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 457] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[461]}, 88) = 461 [pid 457] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 35.162529][ T448] F2FS-fs (loop0): fault_type options not supported [ 35.182907][ T448] F2FS-fs (loop0): invalid crc value [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 461 attached [pid 461] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 461] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 461] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 461] bpf(BPF_MAP_CREATE, NULL, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 461] bpf(BPF_PROG_LOAD, NULL, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 461] bpf(BPF_PROG_LOAD, NULL, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 295] <... umount2 resumed>) = 0 [pid 461] bpf(BPF_MAP_CREATE, NULL, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 295] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] newfstatat(AT_FDCWD, "./4/file4", [pid 457] <... futex resumed>) = 0 [pid 461] bpf(BPF_PROG_LOAD, NULL, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 461] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 461] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 461] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... socket resumed>) = 3 [pid 295] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 295] <... openat resumed>) = 4 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 295] newfstatat(4, "", [pid 461] bpf(BPF_MAP_CREATE, NULL, 72 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 295] getdents64(4, [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 461] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] getdents64(4, [pid 461] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 461] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] close(4 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 461] memfd_create("syzkaller", 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 295] <... close resumed>) = 0 [pid 461] <... memfd_create resumed>) = 4 [pid 295] rmdir("./4/file4" [pid 461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 295] <... rmdir resumed>) = 0 [pid 295] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./4/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./4") = 0 [pid 295] mkdir("./5", 0777) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 462 ./strace-static-x86_64: Process 462 attached [pid 462] set_robust_list(0x55557f749760, 24) = 0 [pid 462] chdir("./5") = 0 [pid 462] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 462] setpgid(0, 0) = 0 [pid 462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 462] write(3, "1000", 4) = 4 [pid 462] close(3) = 0 [pid 462] symlink("/dev/binderfs", "./binderfs") = 0 [pid 462] write(1, "executing program\n", 18executing program ) = 18 [pid 462] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 462] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 462] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 462] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 462] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 462] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 462] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[463]}, 88) = 463 [pid 462] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 463 attached [pid 463] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] <... futex resumed>) = 1 [pid 463] <... futex resumed>) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [ 35.229440][ T448] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 463] <... futex resumed>) = 0 [pid 463] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 463] <... futex resumed>) = 0 [pid 463] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 463] <... futex resumed>) = 0 [pid 463] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 463] <... futex resumed>) = 0 [pid 463] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = 1 [pid 463] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = 1 [pid 463] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = 1 [pid 463] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = 1 [pid 463] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 462] <... futex resumed>) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... futex resumed>) = 0 [pid 463] memfd_create("syzkaller", 0 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 463] <... memfd_create resumed>) = 4 [pid 463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./4/file4") = 0 [pid 293] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./4/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./4") = 0 [pid 293] mkdir("./5", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD [pid 456] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 464 ./strace-static-x86_64: Process 464 attached [pid 464] set_robust_list(0x55557f749760, 24) = 0 [pid 464] chdir("./5") = 0 [pid 464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 464] setpgid(0, 0) = 0 [pid 464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 464] write(3, "1000", 4) = 4 [pid 464] close(3) = 0 [pid 464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 464] write(1, "executing program\n", 18executing program ) = 18 [pid 464] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 464] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 464] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 464] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 464] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[466]}, 88) = 466 [pid 464] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 466 attached [pid 466] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 466] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] <... futex resumed>) = 0 [pid 466] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] <... futex resumed>) = 0 [pid 466] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] <... futex resumed>) = 0 [pid 466] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] <... futex resumed>) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 466] bpf(BPF_PROG_LOAD, NULL, 0 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 464] <... futex resumed>) = 0 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 466] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... socket resumed>) = 3 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 466] bpf(BPF_MAP_CREATE, NULL, 72 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] <... futex resumed>) = 0 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] <... futex resumed>) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] <... futex resumed>) = 0 [pid 466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 466] memfd_create("syzkaller", 0) = 4 [pid 466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 448] <... mount resumed>) = 0 [pid 448] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 448] chdir("./file4") = 0 [pid 448] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 448] ioctl(5, LOOP_CLR_FD) = 0 [pid 448] close(5) = 0 [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] fspick(AT_FDCWD, ".", 0) = 5 [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 35.351084][ T448] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 35.365999][ T448] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 447] <... futex resumed>) = 0 [pid 448] <... open resumed>) = 6 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 447] <... futex resumed>) = 0 [pid 448] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] sendfile(-1, -1, NULL, 281483568746501 [pid 447] <... futex resumed>) = 0 [pid 448] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = 0 [pid 447] <... futex resumed>) = 0 [pid 448] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] <... sendto resumed>) = 28 [pid 448] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=447}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 448] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=447}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 447] <... futex resumed>) = 0 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 448] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 448] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 448] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 448] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 447] <... futex resumed>) = 0 [pid 448] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 447] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 448] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 448] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 447] <... futex resumed>) = 0 [pid 448] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 447] exit_group(0) = ? [pid 448] <... futex resumed>) = ? [pid 448] +++ exited with 0 +++ [pid 447] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=447, si_uid=0, si_status=0, si_utime=9, si_stime=23} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 35.406134][ T448] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 291] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 456] <... write resumed>) = 20699119 [pid 456] munmap(0x7f837a30b000, 138412032) = 0 [pid 456] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 456] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 456] close(4) = 0 [pid 456] close(5 [pid 461] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 456] <... close resumed>) = 0 [pid 456] mkdir("./file4", 0777) = 0 [ 35.446368][ T291] syz-executor130: attempt to access beyond end of device [ 35.446368][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.463771][ T456] loop3: detected capacity change from 0 to 40427 [ 35.505270][ T456] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 35.512272][ T456] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 456] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 35.551821][ T456] F2FS-fs (loop3): fault_injection options not supported [ 35.577180][ T456] F2FS-fs (loop3): fault_type options not supported [ 35.604254][ T456] F2FS-fs (loop3): invalid crc value [pid 463] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 466] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 461] <... write resumed>) = 20699119 [pid 461] munmap(0x7f837a30b000, 138412032) = 0 [pid 461] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [ 35.631071][ T456] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 461] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 461] close(4) = 0 [pid 461] close(5) = 0 [pid 461] mkdir("./file4", 0777) = 0 [pid 461] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./5/file4") = 0 [pid 291] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./5/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./5") = 0 [pid 291] mkdir("./6", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 470 [ 35.676855][ T461] loop1: detected capacity change from 0 to 40427 [ 35.700070][ T461] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) ./strace-static-x86_64: Process 470 attached [pid 470] set_robust_list(0x55557f749760, 24) = 0 [pid 470] chdir("./6") = 0 [pid 470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 470] setpgid(0, 0) = 0 [pid 470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 470] write(3, "1000", 4) = 4 [pid 470] close(3) = 0 [pid 470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 470] write(1, "executing program\n", 18executing program ) = 18 [pid 470] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 470] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 470] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 470] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 470] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 470] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 463] <... write resumed>) = 20699119 [pid 463] munmap(0x7f837a30b000, 138412032 [pid 470] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[471]}, 88) = 471 [pid 470] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... munmap resumed>) = 0 [pid 463] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 463] ioctl(5, LOOP_SET_FD, 4./strace-static-x86_64: Process 471 attached [pid 471] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 471] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 471] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 463] <... ioctl resumed>) = 0 [pid 463] close(4) = 0 [pid 463] close(5) = 0 [pid 463] mkdir("./file4", 0777) = 0 [ 35.727777][ T461] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 35.748716][ T461] F2FS-fs (loop1): fault_injection options not supported [ 35.756599][ T463] loop4: detected capacity change from 0 to 40427 [ 35.756597][ T456] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 35.756619][ T456] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 470] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... futex resumed>) = 0 [pid 470] <... futex resumed>) = 1 [pid 471] bpf(BPF_MAP_CREATE, NULL, 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 470] <... futex resumed>) = 0 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 471] bpf(BPF_PROG_LOAD, NULL, 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 470] <... futex resumed>) = 0 [pid 471] bpf(BPF_PROG_LOAD, NULL, 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 470] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] bpf(BPF_MAP_CREATE, NULL, 0 [pid 470] <... futex resumed>) = 0 [pid 471] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] <... futex resumed>) = 0 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 471] bpf(BPF_PROG_LOAD, NULL, 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 470] <... futex resumed>) = 0 [pid 463] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 471] <... socket resumed>) = 3 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] bpf(BPF_MAP_CREATE, NULL, 72 [pid 470] <... futex resumed>) = 0 [pid 471] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 470] <... futex resumed>) = 0 [pid 471] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 471] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] memfd_create("syzkaller", 0 [pid 470] <... futex resumed>) = 0 [pid 471] <... memfd_create resumed>) = 4 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 456] <... mount resumed>) = 0 [pid 456] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 456] chdir("./file4") = 0 [pid 456] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 456] ioctl(5, LOOP_CLR_FD) = 0 [pid 456] close(5) = 0 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] fspick(AT_FDCWD, ".", 0) = 5 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [ 35.768182][ T461] F2FS-fs (loop1): fault_type options not supported [ 35.795619][ T463] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 35.802784][ T463] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 456] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 466] <... write resumed>) = 20699119 [pid 466] munmap(0x7f837a30b000, 138412032) = 0 [pid 466] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 466] ioctl(5, LOOP_SET_FD, 4 [pid 456] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] <... futex resumed>) = 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 1 [pid 456] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 466] <... ioctl resumed>) = 0 [pid 466] close(4 [pid 456] <... sendto resumed>) = 28 [pid 456] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=455}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 466] <... close resumed>) = 0 [pid 466] close(5 [pid 456] recvfrom(3, [pid 466] <... close resumed>) = 0 [pid 456] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=455}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 466] mkdir("./file4", 0777 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 456] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 456] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 455] <... futex resumed>) = 0 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 456] <... futex resumed>) = 0 [pid 455] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 456] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] <... mkdir resumed>) = 0 [pid 466] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 456] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 455] <... futex resumed>) = 0 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 456] <... futex resumed>) = 0 [pid 455] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 456] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 456] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 455] <... futex resumed>) = 0 [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 456] <... futex resumed>) = 0 [pid 455] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 456] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 455] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 456] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 455] <... futex resumed>) = 0 [pid 456] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 455] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 456] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 456] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 455] <... futex resumed>) = 0 [pid 456] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 455] exit_group(0 [pid 456] <... futex resumed>) = ? [pid 455] <... exit_group resumed>) = ? [pid 456] +++ exited with 0 +++ [pid 455] +++ exited with 0 +++ [ 35.834797][ T456] F2FS-fs (loop3): switch discard_unit option is not allowed [ 35.845406][ T466] loop2: detected capacity change from 0 to 40427 [ 35.856936][ T463] F2FS-fs (loop4): fault_injection options not supported [ 35.868577][ T466] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 35.870398][ T463] F2FS-fs (loop4): fault_type options not supported [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=455, si_uid=0, si_status=0, si_utime=3, si_stime=15} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 35.876465][ T461] F2FS-fs (loop1): invalid crc value [ 35.885329][ T466] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 35.898425][ T466] F2FS-fs (loop2): fault_injection options not supported [ 35.905868][ T463] F2FS-fs (loop4): invalid crc value [ 35.913836][ T466] F2FS-fs (loop2): fault_type options not supported [ 35.914974][ T461] F2FS-fs (loop1): Found nat_bits in checkpoint [ 35.927475][ T294] syz-executor130: attempt to access beyond end of device [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 35.927475][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.942086][ T466] F2FS-fs (loop2): invalid crc value [ 35.962997][ T463] F2FS-fs (loop4): Found nat_bits in checkpoint [ 35.973589][ T466] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 471] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 461] <... mount resumed>) = 0 [pid 461] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 461] chdir("./file4") = 0 [pid 461] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 461] ioctl(5, LOOP_CLR_FD) = 0 [pid 461] close(5) = 0 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] fspick(AT_FDCWD, ".", 0) = 5 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 36.035808][ T461] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 36.053294][ T461] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 461] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 294] <... umount2 resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... open resumed>) = 6 [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 461] <... futex resumed>) = 1 [pid 294] newfstatat(AT_FDCWD, "./5/file4", [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 36.095196][ T461] F2FS-fs (loop1): switch discard_unit option is not allowed [ 36.113818][ T463] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 36.121150][ T466] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 36.130075][ T466] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 463] <... mount resumed>) = 0 [pid 461] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 466] <... mount resumed>) = 0 [pid 463] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 466] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 466] chdir("./file4" [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] <... chdir resumed>) = 0 [pid 463] chdir("./file4") = 0 [pid 466] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 463] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 294] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 461] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] ioctl(5, LOOP_CLR_FD) = 0 [pid 466] close(5 [pid 471] <... write resumed>) = 20699119 [pid 466] <... close resumed>) = 0 [pid 463] <... openat resumed>) = 5 [pid 461] sendfile(-1, -1, NULL, 281483568746501 [pid 294] <... openat resumed>) = 4 [pid 461] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 294] newfstatat(4, "", [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 461] <... futex resumed>) = 1 [pid 294] getdents64(4, [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 294] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./5/file4") = 0 [pid 294] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./5/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./5") = 0 [pid 294] mkdir("./6", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 485 [pid 471] munmap(0x7f837a30b000, 138412032) = 0 [pid 463] ioctl(5, LOOP_CLR_FD) = 0 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 457] <... futex resumed>) = 1 [pid 461] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... sendto resumed>) = 28 [pid 461] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=457}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 461] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=457}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 463] close(5 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... close resumed>) = 0 [pid 464] <... futex resumed>) = 0 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 457] <... futex resumed>) = 1 [pid 461] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 457] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 466] fspick(AT_FDCWD, ".", 0 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 466] <... fspick resumed>) = 5 [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 461] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] fspick(AT_FDCWD, ".", 0 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [ 36.139888][ T463] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 463] <... fspick resumed>) = 5 [pid 462] <... futex resumed>) = 0 [pid 461] <... futex resumed>) = 0 [pid 466] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 463] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 485 attached [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}executing program [pid 463] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 457] <... futex resumed>) = 1 [pid 485] set_robust_list(0x55557f749760, 24 [pid 471] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 466] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 485] <... set_robust_list resumed>) = 0 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] chdir("./6") = 0 [pid 466] <... futex resumed>) = 1 [pid 485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 485] setpgid(0, 0) = 0 [pid 485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 485] write(3, "1000", 4) = 4 [pid 485] close(3) = 0 [pid 485] symlink("/dev/binderfs", "./binderfs") = 0 [pid 485] write(1, "executing program\n", 18) = 18 [pid 485] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 485] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 485] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 485] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 485] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 485] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[486]}, 88) = 486 [pid 485] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 486 attached [pid 486] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 486] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 486] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 486] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 462] <... futex resumed>) = 0 [pid 461] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 466] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = 1 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 461] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 466] <... open resumed>) = 6 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] <... futex resumed>) = 0 [pid 466] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 461] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 457] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 461] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 461] <... futex resumed>) = 1 [pid 457] <... futex resumed>) = 0 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 457] exit_group(0 [pid 466] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 461] <... futex resumed>) = ? [pid 457] <... exit_group resumed>) = ? [pid 486] memfd_create("syzkaller", 0 [pid 471] <... openat resumed>) = 5 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 461] +++ exited with 0 +++ [pid 466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 457] +++ exited with 0 +++ [pid 466] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] <... memfd_create resumed>) = 4 [pid 486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 471] ioctl(5, LOOP_SET_FD, 4 [pid 466] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = 1 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 471] <... ioctl resumed>) = 0 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=457, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 471] close(4 [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 462] <... futex resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 466] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = 1 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... sendto resumed>) = 28 [pid 292] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 466] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=464}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 466] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=464}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 471] <... close resumed>) = 0 [pid 466] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 463] <... open resumed>) = 6 [pid 471] close(5 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 292] <... openat resumed>) = 3 [pid 466] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... close resumed>) = 0 [pid 466] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] newfstatat(3, "", [pid 471] mkdir("./file4", 0777 [pid 466] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 464] <... futex resumed>) = 0 [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 466] <... futex resumed>) = 0 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] getdents64(3, [pid 471] <... mkdir resumed>) = 0 [ 36.173907][ T466] F2FS-fs (loop2): switch discard_unit option is not allowed [ 36.182848][ T463] F2FS-fs (loop4): switch discard_unit option is not allowed [ 36.197937][ T471] loop0: detected capacity change from 0 to 40427 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 462] <... futex resumed>) = 0 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 471] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 464] <... futex resumed>) = 1 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 466] <... futex resumed>) = 0 [pid 466] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 466] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = 1 [pid 463] sendfile(-1, -1, NULL, 281483568746501 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 463] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... futex resumed>) = 0 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 464] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] <... futex resumed>) = 0 [pid 464] <... futex resumed>) = 1 [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 464] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 462] <... futex resumed>) = 0 [pid 466] <... futex resumed>) = 0 [pid 466] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 466] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 466] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 463] <... sendto resumed>) = 28 [pid 464] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 464] exit_group(0 [pid 463] recvfrom(3, [pid 464] <... exit_group resumed>) = ? [pid 463] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=462}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 463] recvfrom(3, [pid 466] <... futex resumed>) = ? [pid 463] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=462}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 466] +++ exited with 0 +++ [pid 464] +++ exited with 0 +++ [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... futex resumed>) = 0 [pid 463] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=464, si_uid=0, si_status=0, si_utime=5, si_stime=22} --- [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 463] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 462] <... futex resumed>) = 0 [pid 293] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 463] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... futex resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 463] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 293] newfstatat(3, "", [pid 463] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] getdents64(3, [pid 463] <... futex resumed>) = 1 [pid 462] <... futex resumed>) = 0 [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [ 36.224642][ T471] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 36.232795][ T292] syz-executor130: attempt to access beyond end of device [ 36.232795][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.232865][ T471] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 36.256917][ T471] F2FS-fs (loop0): fault_injection options not supported [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 463] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... futex resumed>) = 0 [pid 463] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 462] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 463] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 463] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 462] <... futex resumed>) = 0 [pid 463] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 462] exit_group(0 [pid 463] <... futex resumed>) = ? [pid 462] <... exit_group resumed>) = ? [pid 463] +++ exited with 0 +++ [pid 462] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=462, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 295] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 36.279482][ T293] syz-executor130: attempt to access beyond end of device [ 36.279482][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.284785][ T471] F2FS-fs (loop0): fault_type options not supported [ 36.303562][ T471] F2FS-fs (loop0): invalid crc value [ 36.326232][ T295] syz-executor130: attempt to access beyond end of device [ 36.326232][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.344028][ T471] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 295] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 486] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 292] rmdir("./5/file4") = 0 [pid 292] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./5/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./5") = 0 [pid 292] mkdir("./6", 0777) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 491 ./strace-static-x86_64: Process 491 attached [pid 491] set_robust_list(0x55557f749760, 24 [pid 471] <... mount resumed>) = 0 [pid 491] <... set_robust_list resumed>) = 0 [pid 471] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 491] chdir("./6") = 0 [pid 471] <... openat resumed>) = 4 [pid 491] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 471] chdir("./file4" [pid 491] <... prctl resumed>) = 0 [pid 471] <... chdir resumed>) = 0 [pid 491] setpgid(0, 0 [pid 471] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 491] <... setpgid resumed>) = 0 [pid 491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 471] <... openat resumed>) = 5 [pid 491] <... openat resumed>) = 3 [pid 471] ioctl(5, LOOP_CLR_FD [pid 491] write(3, "1000", 4 [pid 471] <... ioctl resumed>) = 0 [pid 491] <... write resumed>) = 4 [pid 471] close(5 [pid 491] close(3) = 0 [pid 471] <... close resumed>) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 491] symlink("/dev/binderfs", "./binderfs" [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 491] <... symlink resumed>) = 0 [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 491] write(1, "executing program\n", 18 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... write resumed>) = 18 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] fspick(AT_FDCWD, ".", 0 [pid 491] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, [pid 471] <... fspick resumed>) = 5 [pid 491] <... rt_sigaction resumed>NULL, 8) = 0 [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 471] <... futex resumed>) = 1 [pid 491] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 470] <... futex resumed>) = 0 [pid 491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... mmap resumed>) = 0x7f838270b000 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 491] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 471] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] <... mprotect resumed>) = 0 [ 36.468196][ T471] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 36.483618][ T471] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[492]}, 88) = 492 [pid 491] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 492 attached [pid 492] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 492] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 492] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] <... futex resumed>) = 0 [pid 471] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... futex resumed>) = 0 [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 293] newfstatat(AT_FDCWD, "./5/file4", [pid 471] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 492] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 471] <... open resumed>) = 6 [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 293] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... openat resumed>) = 4 [pid 471] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 470] <... futex resumed>) = 0 [pid 293] newfstatat(4, "", [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 471] <... futex resumed>) = 0 [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] sendfile(-1, -1, NULL, 281483568746501 [pid 470] <... futex resumed>) = 0 [pid 293] getdents64(4, [pid 471] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 293] getdents64(4, [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 293] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 293] close(4 [pid 471] <... sendto resumed>) = 28 [pid 293] <... close resumed>) = 0 [pid 471] recvfrom(3, [pid 293] rmdir("./5/file4" [pid 471] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=470}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 293] <... rmdir resumed>) = 0 [pid 471] recvfrom(3, [pid 293] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 471] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=470}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] newfstatat(AT_FDCWD, "./5/binderfs", [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] unlink("./5/binderfs" [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 492] <... futex resumed>) = 1 [pid 293] <... unlink resumed>) = 0 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] <... futex resumed>) = 0 [pid 471] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 293] getdents64(3, [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 471] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 293] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] close(3 [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] rmdir("./5" [pid 471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 470] <... futex resumed>) = 0 [pid 492] bpf(BPF_PROG_LOAD, NULL, 0 [pid 293] <... rmdir resumed>) = 0 [pid 471] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 293] mkdir("./6", 0777 [pid 471] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 492] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... mkdir resumed>) = 0 [pid 471] <... futex resumed>) = 1 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] <... futex resumed>) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... futex resumed>) = 0 [pid 470] <... futex resumed>) = 1 [pid 293] <... openat resumed>) = 3 [pid 471] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 293] ioctl(3, LOOP_CLR_FD [pid 471] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] close(3 [pid 471] <... futex resumed>) = 1 [pid 470] <... futex resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 492] <... futex resumed>) = 1 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] <... umount2 resumed>) = 0 [pid 295] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 491] <... futex resumed>) = 0 [pid 471] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 470] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 471] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 470] <... futex resumed>) = 0 [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 1 [pid 471] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 470] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] <... futex resumed>) = 0 [pid 470] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] <... clone resumed>, child_tidptr=0x55557f749750) = 493 [pid 471] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 470] exit_group(0) = ? [pid 471] <... futex resumed>) = ? [pid 492] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] <... futex resumed>) = 0 [pid 492] bpf(BPF_MAP_CREATE, NULL, 0 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 491] <... futex resumed>) = 0 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 471] +++ exited with 0 +++ [pid 470] +++ exited with 0 +++ [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 492] bpf(BPF_PROG_LOAD, NULL, 0 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 491] <... futex resumed>) = 0 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=470, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 492] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... socket resumed>) = 3 [pid 491] <... futex resumed>) = 0 [pid 291] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 493 attached [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] set_robust_list(0x55557f749760, 24 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 493] <... set_robust_list resumed>) = 0 [pid 492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 491] <... futex resumed>) = 0 [pid 493] chdir("./6" [pid 492] bpf(BPF_MAP_CREATE, NULL, 72 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 493] <... chdir resumed>) = 0 [pid 492] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 493] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 493] <... prctl resumed>) = 0 [pid 492] <... futex resumed>) = 1 [pid 491] <... futex resumed>) = 0 [pid 493] setpgid(0, 0 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 291] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 493] <... setpgid resumed>) = 0 [pid 492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 491] <... futex resumed>) = 0 [pid 493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 492] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] <... openat resumed>) = 3 [pid 493] <... openat resumed>) = 3 [pid 492] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 291] newfstatat(3, "", [pid 493] write(3, "1000", 4 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 493] <... write resumed>) = 4 [pid 492] <... futex resumed>) = 1 [pid 491] <... futex resumed>) = 0 [pid 291] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 493] close(3 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 493] <... close resumed>) = 0 [pid 492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 491] <... futex resumed>) = 0 [pid 291] getdents64(3, [pid 493] symlink("/dev/binderfs", "./binderfs" [pid 492] memfd_create("syzkaller", 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 493] <... symlink resumed>) = 0 [pid 492] <... memfd_create resumed>) = 4 executing program [pid 291] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 493] write(1, "executing program\n", 18 [pid 492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 493] <... write resumed>) = 18 [pid 492] <... mmap resumed>) = 0x7f837a30b000 [ 36.526045][ T471] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 291] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 493] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... write resumed>) = 20699119 [pid 295] <... openat resumed>) = 4 [pid 493] <... futex resumed>) = 0 [pid 493] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 493] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 486] munmap(0x7f837a30b000, 138412032 [pid 295] newfstatat(4, "", [pid 493] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 486] <... munmap resumed>) = 0 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 493] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 295] getdents64(4, [pid 493] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 493] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 295] getdents64(4, [pid 493] <... clone3 resumed> => {parent_tid=[494]}, 88) = 494 [pid 493] rt_sigprocmask(SIG_SETMASK, [], [pid 295] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 493] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] close(4 [pid 493] <... futex resumed>) = 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] <... close resumed>) = 0 [pid 295] rmdir("./5/file4") = 0 [pid 295] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./5/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3 [pid 486] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 295] <... close resumed>) = 0 [pid 486] <... openat resumed>) = 5 [pid 295] rmdir("./5" [pid 486] ioctl(5, LOOP_SET_FD, 4 [pid 295] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 494 attached [pid 295] mkdir("./6", 0777 [pid 494] set_robust_list(0x7f838272b9a0, 24 [pid 295] <... mkdir resumed>) = 0 [pid 494] <... set_robust_list resumed>) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 494] rt_sigprocmask(SIG_SETMASK, [], [pid 295] <... openat resumed>) = 3 [pid 494] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 295] ioctl(3, LOOP_CLR_FD [pid 494] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_MAP_CREATE, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] close(3 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_PROG_LOAD, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... close resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 495 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_PROG_LOAD, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_MAP_CREATE, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_PROG_LOAD, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 495 attached ) = 1 [pid 493] <... futex resumed>) = 0 [pid 495] set_robust_list(0x55557f749760, 24 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... set_robust_list resumed>) = 0 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 495] chdir("./6" [pid 494] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] <... chdir resumed>) = 0 [pid 494] <... socket resumed>) = 3 [pid 495] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... prctl resumed>) = 0 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 495] setpgid(0, 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... setpgid resumed>) = 0 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 494] bpf(BPF_MAP_CREATE, NULL, 72 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] <... openat resumed>) = 3 [pid 494] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 495] write(3, "1000", 4 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... write resumed>) = 4 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 495] close(3 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... close resumed>) = 0 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 495] symlink("/dev/binderfs", "./binderfs" [pid 494] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}executing program [pid 495] <... symlink resumed>) = 0 [pid 494] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 495] write(1, "executing program\n", 18 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... write resumed>) = 18 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... futex resumed>) = 0 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 495] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 494] memfd_create("syzkaller", 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 495] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 494] <... memfd_create resumed>) = 4 [pid 495] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 495] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 494] <... mmap resumed>) = 0x7f837a30b000 [pid 495] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 486] <... ioctl resumed>) = 0 [pid 486] close(4) = 0 [pid 486] close(5) = 0 [pid 486] mkdir("./file4", 0777) = 0 [ 36.570733][ T291] syz-executor130: attempt to access beyond end of device [ 36.570733][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.593005][ T486] loop3: detected capacity change from 0 to 40427 [pid 486] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 495] <... mprotect resumed>) = 0 [pid 495] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 495] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[496]}, 88) = 496 [pid 495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 496 attached [pid 496] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 496] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 496] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_MAP_CREATE, NULL, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_PROG_LOAD, NULL, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_PROG_LOAD, NULL, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_MAP_CREATE, NULL, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_PROG_LOAD, NULL, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... socket resumed>) = 3 [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_MAP_CREATE, NULL, 72 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] memfd_create("syzkaller", 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 496] <... memfd_create resumed>) = 4 [pid 496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 36.633283][ T486] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 36.660849][ T486] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 36.676303][ T486] F2FS-fs (loop3): fault_injection options not supported [ 36.684483][ T486] F2FS-fs (loop3): fault_type options not supported [ 36.691863][ T486] F2FS-fs (loop3): invalid crc value [ 36.719321][ T486] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 492] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./6/file4") = 0 [pid 291] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./6/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./6") = 0 [pid 291] mkdir("./7", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 501 ./strace-static-x86_64: Process 501 attached [pid 501] set_robust_list(0x55557f749760, 24) = 0 [pid 501] chdir("./7") = 0 [pid 501] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 501] setpgid(0, 0) = 0 [pid 501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 501] write(3, "1000", 4) = 4 [pid 501] close(3) = 0 [pid 501] symlink("/dev/binderfs", "./binderfs") = 0 [pid 501] write(1, "executing program\n", 18executing program ) = 18 [pid 501] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... mount resumed>) = 0 [pid 501] <... futex resumed>) = 0 [pid 501] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 501] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 501] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 486] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 501] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 494] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 501] <... mprotect resumed>) = 0 [pid 486] <... openat resumed>) = 4 [pid 486] chdir("./file4") = 0 [pid 486] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 501] rt_sigprocmask(SIG_BLOCK, ~[], [pid 486] ioctl(5, LOOP_CLR_FD) = 0 [pid 486] close(5) = 0 [pid 501] <... rt_sigprocmask resumed>[], 8) = 0 [pid 501] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] <... clone3 resumed> => {parent_tid=[502]}, 88) = 502 [pid 501] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] fspick(AT_FDCWD, ".", 0) = 5 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [ 36.798647][ T486] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 36.806390][ T486] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 486] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 502 attached [pid 502] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 502] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 502] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 501] <... futex resumed>) = 0 [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = 0 [pid 501] <... futex resumed>) = 1 [pid 502] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = 0 [pid 501] <... futex resumed>) = 1 [pid 502] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = 0 [pid 501] <... futex resumed>) = 1 [pid 502] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = 0 [pid 501] <... futex resumed>) = 1 [pid 502] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = 0 [pid 501] <... futex resumed>) = 1 [pid 502] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 501] <... futex resumed>) = 0 [pid 502] <... socket resumed>) = 3 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] bpf(BPF_MAP_CREATE, NULL, 72 [pid 501] <... futex resumed>) = 0 [pid 502] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 502] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 502] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 501] <... futex resumed>) = 0 [pid 502] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 486] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 485] <... futex resumed>) = 0 [pid 502] memfd_create("syzkaller", 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 502] <... memfd_create resumed>) = 4 [pid 485] <... futex resumed>) = 0 [pid 502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... mmap resumed>) = 0x7f837a30b000 [pid 486] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 486] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 486] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=485}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 486] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=485}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 485] <... futex resumed>) = 0 [pid 486] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 485] <... futex resumed>) = 0 [pid 486] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 485] <... futex resumed>) = 0 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 486] <... futex resumed>) = 0 [pid 485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 486] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 485] <... futex resumed>) = 0 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 486] <... futex resumed>) = 0 [pid 485] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 486] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 485] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 485] <... futex resumed>) = 0 [pid 486] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 485] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 486] <... futex resumed>) = 0 [pid 485] exit_group(0) = ? [pid 486] +++ exited with 0 +++ [pid 485] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=485, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 496] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... restart_syscall resumed>) = 0 [pid 294] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 36.854999][ T486] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 492] <... write resumed>) = 20699119 [pid 492] munmap(0x7f837a30b000, 138412032) = 0 [pid 492] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 492] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 492] close(4) = 0 [pid 492] close(5) = 0 [pid 492] mkdir("./file4", 0777) = 0 [ 36.910900][ T294] syz-executor130: attempt to access beyond end of device [ 36.910900][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.927737][ T492] loop1: detected capacity change from 0 to 40427 [ 36.960099][ T492] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 36.977676][ T492] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 36.994716][ T492] F2FS-fs (loop1): fault_injection options not supported [pid 492] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 496] <... write resumed>) = 20699119 [pid 496] munmap(0x7f837a30b000, 138412032 [pid 494] <... write resumed>) = 20699119 [pid 494] munmap(0x7f837a30b000, 138412032) = 0 [pid 494] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 494] ioctl(5, LOOP_SET_FD, 4 [pid 496] <... munmap resumed>) = 0 [pid 496] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [ 37.031304][ T492] F2FS-fs (loop1): fault_type options not supported [ 37.049302][ T492] F2FS-fs (loop1): invalid crc value [ 37.069954][ T494] loop2: detected capacity change from 0 to 40427 [pid 496] ioctl(5, LOOP_SET_FD, 4 [pid 494] <... ioctl resumed>) = 0 [pid 494] close(4) = 0 [pid 494] close(5 [pid 502] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 494] <... close resumed>) = 0 [pid 494] mkdir("./file4", 0777) = 0 [pid 494] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 496] <... ioctl resumed>) = 0 [pid 496] close(4) = 0 [pid 496] close(5) = 0 [pid 496] mkdir("./file4", 0777) = 0 [ 37.071722][ T496] loop4: detected capacity change from 0 to 40427 [ 37.094089][ T494] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 37.101105][ T494] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 37.114510][ T492] F2FS-fs (loop1): Found nat_bits in checkpoint [ 37.122752][ T496] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 37.127807][ T494] F2FS-fs (loop2): fault_injection options not supported [ 37.143523][ T494] F2FS-fs (loop2): fault_type options not supported [ 37.150432][ T496] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 37.161435][ T494] F2FS-fs (loop2): invalid crc value [pid 496] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./6/file4") = 0 [pid 294] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./6/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./6") = 0 [pid 294] mkdir("./7", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 509 [ 37.182143][ T496] F2FS-fs (loop4): fault_injection options not supported [ 37.190544][ T494] F2FS-fs (loop2): Found nat_bits in checkpoint [ 37.203758][ T496] F2FS-fs (loop4): fault_type options not supported ./strace-static-x86_64: Process 509 attached [pid 509] set_robust_list(0x55557f749760, 24) = 0 [pid 509] chdir("./7") = 0 [pid 509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 509] setpgid(0, 0) = 0 [pid 509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 509] write(3, "1000", 4) = 4 [pid 509] close(3) = 0 [pid 509] symlink("/dev/binderfs", "./binderfs") = 0 [pid 509] write(1, "executing program\n", 18executing program ) = 18 [pid 509] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 509] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 509] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 509] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 509] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 509] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 502] <... write resumed>) = 20699119 [pid 509] <... clone3 resumed> => {parent_tid=[512]}, 88) = 512 [pid 509] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 512 attached [pid 502] munmap(0x7f837a30b000, 138412032 [pid 512] set_robust_list(0x7f838272b9a0, 24 [pid 502] <... munmap resumed>) = 0 [pid 502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 502] ioctl(5, LOOP_SET_FD, 4 [pid 512] <... set_robust_list resumed>) = 0 [pid 512] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 512] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 502] <... ioctl resumed>) = 0 [pid 502] close(4) = 0 [pid 502] close(5) = 0 [pid 502] mkdir("./file4", 0777) = 0 [pid 502] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = 1 [pid 512] bpf(BPF_MAP_CREATE, NULL, 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 509] <... futex resumed>) = 0 [pid 512] bpf(BPF_PROG_LOAD, NULL, 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 512] bpf(BPF_PROG_LOAD, NULL, 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 509] <... futex resumed>) = 0 [ 37.233870][ T496] F2FS-fs (loop4): invalid crc value [ 37.250867][ T492] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 37.255085][ T502] loop0: detected capacity change from 0 to 40427 [ 37.258753][ T492] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 37.272669][ T502] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 512] bpf(BPF_MAP_CREATE, NULL, 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... mount resumed>) = 0 [pid 492] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 492] chdir("./file4") = 0 [pid 492] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 492] ioctl(5, LOOP_CLR_FD) = 0 [pid 492] close(5) = 0 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 512] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 509] <... futex resumed>) = 0 [pid 494] <... mount resumed>) = 0 [pid 491] <... futex resumed>) = 0 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 1 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 512] bpf(BPF_PROG_LOAD, NULL, 0 [pid 509] <... futex resumed>) = 0 [pid 492] fspick(AT_FDCWD, ".", 0 [pid 512] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... fspick resumed>) = 5 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = 1 [pid 509] <... futex resumed>) = 0 [pid 492] <... futex resumed>) = 1 [pid 491] <... futex resumed>) = 0 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 509] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 0 [pid 512] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... socket resumed>) = 3 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 512] <... futex resumed>) = 1 [pid 509] <... futex resumed>) = 0 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 509] <... futex resumed>) = 0 [pid 494] <... openat resumed>) = 4 [pid 512] bpf(BPF_MAP_CREATE, NULL, 72 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] chdir("./file4" [pid 512] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... chdir resumed>) = 0 [pid 512] <... futex resumed>) = 1 [pid 509] <... futex resumed>) = 0 [pid 494] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 509] <... futex resumed>) = 0 [pid 494] <... openat resumed>) = 5 [pid 512] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] ioctl(5, LOOP_CLR_FD [pid 512] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 494] <... ioctl resumed>) = 0 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] close(5 [pid 512] <... futex resumed>) = 1 [pid 509] <... futex resumed>) = 0 [pid 492] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] memfd_create("syzkaller", 0 [pid 509] <... futex resumed>) = 0 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... memfd_create resumed>) = 4 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 491] <... futex resumed>) = 1 [pid 512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 494] <... close resumed>) = 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... mmap resumed>) = 0x7f837a30b000 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 37.272786][ T494] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 37.280103][ T502] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 37.287682][ T494] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 37.298680][ T502] F2FS-fs (loop0): fault_injection options not supported [ 37.307991][ T496] F2FS-fs (loop4): Found nat_bits in checkpoint [ 37.318263][ T492] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 1 [pid 494] fspick(AT_FDCWD, ".", 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... fspick resumed>) = 5 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 492] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] <... futex resumed>) = 0 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... futex resumed>) = 0 [pid 492] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] <... futex resumed>) = 0 [pid 492] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... sendto resumed>) = 28 [pid 491] <... futex resumed>) = 0 [pid 492] recvfrom(3, [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=491}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 492] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=491}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] <... futex resumed>) = 0 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 491] <... futex resumed>) = 0 [pid 492] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 491] <... futex resumed>) = 0 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 491] <... futex resumed>) = 0 [pid 492] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 492] <... futex resumed>) = 0 [pid 492] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 491] <... futex resumed>) = 0 [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 492] <... futex resumed>) = 0 [pid 494] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 492] <... futex resumed>) = 0 [pid 491] <... futex resumed>) = 1 [pid 494] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 491] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 493] <... futex resumed>) = 0 [pid 492] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 494] <... open resumed>) = 6 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 492] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 1 [pid 491] <... futex resumed>) = 0 [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 492] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 491] exit_group(0 [pid 494] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = ? [pid 491] <... exit_group resumed>) = ? [pid 494] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 493] <... futex resumed>) = 0 [pid 492] +++ exited with 0 +++ [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] +++ exited with 0 +++ [pid 494] <... futex resumed>) = 0 [pid 493] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=491, si_uid=0, si_status=0, si_utime=3, si_stime=20} --- [pid 494] sendfile(-1, -1, NULL, 281483568746501 [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 494] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... futex resumed>) = 0 [pid 493] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 494] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 494] <... sendto resumed>) = 28 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=493}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 494] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=493}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 494] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 494] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 494] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 37.340305][ T502] F2FS-fs (loop0): fault_type options not supported [ 37.348545][ T494] F2FS-fs (loop2): switch discard_unit option is not allowed [ 37.356635][ T502] F2FS-fs (loop0): invalid crc value [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 494] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 493] <... futex resumed>) = 0 [pid 292] <... openat resumed>) = 3 [pid 494] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 493] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 292] newfstatat(3, "", [pid 494] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 494] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] getdents64(3, [pid 494] <... futex resumed>) = 1 [pid 493] <... futex resumed>) = 0 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 494] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] exit_group(0 [pid 292] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 494] <... futex resumed>) = ? [pid 493] <... exit_group resumed>) = ? [pid 494] +++ exited with 0 +++ [pid 493] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=493, si_uid=0, si_status=0, si_utime=7, si_stime=24} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 37.388891][ T502] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 512] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 496] <... mount resumed>) = 0 [pid 496] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 496] chdir("./file4") = 0 [pid 496] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 496] ioctl(5, LOOP_CLR_FD) = 0 [pid 496] close(5) = 0 [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] fspick(AT_FDCWD, ".", 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... fspick resumed>) = 5 [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 37.470689][ T496] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 37.480718][ T496] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... futex resumed>) = 0 [pid 496] <... futex resumed>) = 1 [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 495] <... futex resumed>) = 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... open resumed>) = 6 [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 496] sendfile(-1, -1, NULL, 281483568746501 [pid 495] <... futex resumed>) = 0 [pid 496] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 495] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 496] <... futex resumed>) = 0 [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 495] <... futex resumed>) = 0 [pid 496] <... sendto resumed>) = 28 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=495}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 496] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=495}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 496] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 496] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 496] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 496] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 495] <... futex resumed>) = 0 [pid 496] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 495] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 496] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 496] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] <... futex resumed>) = 0 [pid 496] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 495] exit_group(0 [pid 496] <... futex resumed>) = ? [pid 495] <... exit_group resumed>) = ? [pid 496] +++ exited with 0 +++ [pid 495] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=495, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 37.511990][ T496] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 295] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 502] <... mount resumed>) = 0 [pid 502] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 502] chdir("./file4") = 0 [pid 502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 502] ioctl(5, LOOP_CLR_FD) = 0 [pid 502] close(5) = 0 [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] fspick(AT_FDCWD, ".", 0) = 5 [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [ 37.558815][ T502] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 37.578978][ T502] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 502] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, [pid 502] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 292] rmdir("./6/file4") = 0 [pid 292] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./6/binderfs") = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./6") = 0 [pid 292] mkdir("./7", 0777 [pid 502] <... open resumed>) = 6 [pid 292] <... mkdir resumed>) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 502] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=501}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 502] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=501}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 521 [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 502] <... futex resumed>) = 1 [pid 502] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 502] <... futex resumed>) = 1 [pid 502] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 502] <... futex resumed>) = 1 [pid 502] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 501] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 502] <... futex resumed>) = 1 [pid 502] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 502] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 501] <... futex resumed>) = 0 [pid 501] exit_group(0) = ? [pid 502] <... futex resumed>) = ? [pid 512] <... write resumed>) = 20699119 [pid 502] +++ exited with 0 +++ [pid 501] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=501, si_uid=0, si_status=0, si_utime=3, si_stime=22} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 521 attached [pid 521] set_robust_list(0x55557f749760, 24) = 0 [pid 521] chdir("./7") = 0 [pid 521] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 512] munmap(0x7f837a30b000, 138412032 [pid 521] <... prctl resumed>) = 0 [pid 521] setpgid(0, 0) = 0 [pid 521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 521] write(3, "1000", 4) = 4 [pid 521] close(3) = 0 [pid 521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 521] write(1, "executing program\n", 18executing program ) = 18 [pid 521] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 521] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 521] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 521] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 521] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 512] <... munmap resumed>) = 0 [pid 521] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 512] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 521] <... clone3 resumed> => {parent_tid=[522]}, 88) = 522 [pid 521] rt_sigprocmask(SIG_SETMASK, [], [pid 512] <... openat resumed>) = 5 [pid 521] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] ioctl(5, LOOP_SET_FD, 4 [pid 521] <... futex resumed>) = 0 [ 37.622446][ T502] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 522 attached [pid 522] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 522] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 522] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = 0 [pid 512] <... ioctl resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] close(4 [pid 521] <... futex resumed>) = 1 [pid 512] <... close resumed>) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] close(5) = 0 [pid 522] <... futex resumed>) = 0 [pid 512] mkdir("./file4", 0777 [pid 522] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... mkdir resumed>) = 0 [pid 522] <... futex resumed>) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] bpf(BPF_PROG_LOAD, NULL, 0 [pid 512] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 522] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... socket resumed>) = 3 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... futex resumed>) = 0 [pid 522] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 521] <... futex resumed>) = 0 [pid 522] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 522] memfd_create("syzkaller", 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 522] <... memfd_create resumed>) = 4 [pid 522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./6/file4") = 0 [pid 293] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./6/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./6") = 0 [pid 293] mkdir("./7", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 523 ./strace-static-x86_64: Process 523 attached [pid 523] set_robust_list(0x55557f749760, 24) = 0 [pid 523] chdir("./7") = 0 [pid 523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 523] setpgid(0, 0) = 0 [pid 523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 523] write(3, "1000", 4) = 4 [pid 523] close(3) = 0 [pid 523] symlink("/dev/binderfs", "./binderfs") = 0 [pid 523] write(1, "executing program\n", 18executing program ) = 18 [pid 523] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [ 37.679756][ T512] loop3: detected capacity change from 0 to 40427 [ 37.703106][ T512] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 37.721018][ T512] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 523] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 523] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 523] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 523] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 523] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[524]}, 88) = 524 [pid 523] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 524 attached [pid 524] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 524] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 524] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_PROG_LOAD, NULL, 0 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 523] <... futex resumed>) = 0 [pid 524] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 524] memfd_create("syzkaller", 0 [pid 295] <... umount2 resumed>) = 0 [pid 524] <... memfd_create resumed>) = 4 [pid 295] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 295] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 295] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 295] close(4) = 0 [pid 295] rmdir("./6/file4") = 0 [pid 295] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./6/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./6") = 0 [pid 295] mkdir("./7", 0777) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3) = 0 [ 37.767405][ T512] F2FS-fs (loop3): fault_injection options not supported [ 37.778043][ T512] F2FS-fs (loop3): fault_type options not supported [ 37.796072][ T512] F2FS-fs (loop3): invalid crc value [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 528 ./strace-static-x86_64: Process 528 attached [pid 528] set_robust_list(0x55557f749760, 24) = 0 [pid 528] chdir("./7") = 0 [pid 528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 528] setpgid(0, 0) = 0 [pid 528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 528] write(3, "1000", 4) = 4 [pid 528] close(3) = 0 [pid 528] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 528] write(1, "executing program\n", 18) = 18 [pid 528] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 528] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 528] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 528] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 528] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 528] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 528] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[529]}, 88) = 529 [pid 528] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 291] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 529 attached [pid 529] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 529] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 529] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = 0 [pid 529] <... futex resumed>) = 1 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_MAP_CREATE, NULL, 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_PROG_LOAD, NULL, 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_PROG_LOAD, NULL, 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_MAP_CREATE, NULL, 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_PROG_LOAD, NULL, 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 528] <... futex resumed>) = 0 [pid 529] <... socket resumed>) = 3 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] bpf(BPF_MAP_CREATE, NULL, 72 [pid 528] <... futex resumed>) = 0 [pid 529] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 528] <... futex resumed>) = 0 [pid 529] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] memfd_create("syzkaller", 0 [pid 528] <... futex resumed>) = 0 [pid 529] <... memfd_create resumed>) = 4 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 37.833460][ T512] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 291] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./7/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./7/file4") = 0 [pid 291] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./7/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./7") = 0 [pid 291] mkdir("./8", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 530 ./strace-static-x86_64: Process 530 attached [pid 530] set_robust_list(0x55557f749760, 24) = 0 [pid 530] chdir("./8") = 0 [pid 530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 530] setpgid(0, 0) = 0 [pid 530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 530] write(3, "1000", 4) = 4 [pid 530] close(3) = 0 [pid 530] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 530] write(1, "executing program\n", 18) = 18 [pid 530] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 530] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 530] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 530] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 530] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 530] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[531]}, 88) = 531 [pid 530] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 531 attached [pid 531] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 531] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 531] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 531] <... futex resumed>) = 1 [pid 531] memfd_create("syzkaller", 0) = 4 [pid 531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 512] <... mount resumed>) = 0 [pid 512] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 512] chdir("./file4") = 0 [pid 512] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 512] ioctl(5, LOOP_CLR_FD) = 0 [pid 512] close(5) = 0 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 512] <... futex resumed>) = 0 [pid 509] <... futex resumed>) = 1 [pid 512] fspick(AT_FDCWD, ".", 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... fspick resumed>) = 5 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 512] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 37.938504][ T512] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 37.956457][ T512] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 512] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 524] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 512] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 512] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=509}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 512] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=509}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 512] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 512] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 512] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 509] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 512] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 512] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 509] <... futex resumed>) = 0 [pid 509] exit_group(0) = ? [ 37.985654][ T512] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 512] +++ exited with 0 +++ [pid 509] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=509, si_uid=0, si_status=0, si_utime=3, si_stime=20} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 529] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 531] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 522] <... write resumed>) = 20699119 [pid 522] munmap(0x7f837a30b000, 138412032) = 0 [pid 522] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 522] ioctl(5, LOOP_SET_FD, 4 [pid 524] <... write resumed>) = 20699119 [pid 524] munmap(0x7f837a30b000, 138412032 [pid 522] <... ioctl resumed>) = 0 [pid 522] close(4) = 0 [pid 522] close(5) = 0 [pid 522] mkdir("./file4", 0777) = 0 [pid 524] <... munmap resumed>) = 0 [pid 524] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 522] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 524] <... openat resumed>) = 5 [pid 294] <... umount2 resumed>) = 0 [pid 524] ioctl(5, LOOP_SET_FD, 4 [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./7/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 524] <... ioctl resumed>) = 0 [ 38.166865][ T522] loop1: detected capacity change from 0 to 40427 [ 38.200735][ T522] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 38.208368][ T524] loop2: detected capacity change from 0 to 40427 [pid 294] <... openat resumed>) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 524] close(4) = 0 [pid 524] close(5 [pid 294] close(4 [pid 524] <... close resumed>) = 0 [pid 294] <... close resumed>) = 0 [pid 524] mkdir("./file4", 0777 [pid 294] rmdir("./7/file4") = 0 [pid 294] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./7/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./7" [pid 524] <... mkdir resumed>) = 0 [pid 294] <... rmdir resumed>) = 0 [pid 294] mkdir("./8", 0777) = 0 [pid 524] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 533 ./strace-static-x86_64: Process 533 attached [pid 533] set_robust_list(0x55557f749760, 24) = 0 [pid 533] chdir("./8") = 0 [pid 533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 533] setpgid(0, 0) = 0 [pid 533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 533] write(3, "1000", 4) = 4 [pid 533] close(3) = 0 [pid 533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 533] write(1, "executing program\n", 18executing program ) = 18 [pid 533] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 533] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 533] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[534]}, 88) = 534 [pid 533] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 38.218868][ T522] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 38.238549][ T524] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 38.253057][ T524] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 38.261566][ T522] F2FS-fs (loop1): fault_injection options not supported [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 534 attached [pid 534] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 529] <... write resumed>) = 20699119 [pid 534] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 534] bpf(BPF_PROG_LOAD, NULL, 0 [pid 529] munmap(0x7f837a30b000, 138412032 [pid 534] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 529] <... munmap resumed>) = 0 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 534] <... futex resumed>) = 1 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] <... futex resumed>) = 0 [pid 529] <... openat resumed>) = 5 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] ioctl(5, LOOP_SET_FD, 4 [pid 534] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... futex resumed>) = 0 [pid 534] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 529] <... ioctl resumed>) = 0 [pid 534] bpf(BPF_PROG_LOAD, NULL, 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] bpf(BPF_MAP_CREATE, NULL, 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] close(4 [pid 534] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 531] <... write resumed>) = 20699119 [ 38.277630][ T522] F2FS-fs (loop1): fault_type options not supported [ 38.285417][ T524] F2FS-fs (loop2): fault_injection options not supported [ 38.292483][ T524] F2FS-fs (loop2): fault_type options not supported [ 38.306931][ T522] F2FS-fs (loop1): invalid crc value [ 38.312527][ T529] loop4: detected capacity change from 0 to 40427 [ 38.322036][ T524] F2FS-fs (loop2): invalid crc value [pid 531] munmap(0x7f837a30b000, 138412032) = 0 [pid 531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 531] ioctl(5, LOOP_SET_FD, 4 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... close resumed>) = 0 [pid 534] <... futex resumed>) = 1 [pid 529] close(5 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] <... futex resumed>) = 0 [pid 529] <... close resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] mkdir("./file4", 0777 [pid 533] <... futex resumed>) = 1 [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] <... mkdir resumed>) = 0 [pid 534] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 529] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 534] <... socket resumed>) = 3 [pid 531] <... ioctl resumed>) = 0 [pid 531] close(4) = 0 [pid 531] close(5) = 0 [pid 531] mkdir("./file4", 0777) = 0 [pid 531] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] bpf(BPF_MAP_CREATE, NULL, 72 [pid 533] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] <... futex resumed>) = 0 [pid 534] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] <... futex resumed>) = 0 [pid 534] memfd_create("syzkaller", 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 534] <... memfd_create resumed>) = 4 [pid 534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 38.330153][ T522] F2FS-fs (loop1): Found nat_bits in checkpoint [ 38.334126][ T531] loop0: detected capacity change from 0 to 40427 [ 38.345297][ T529] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 38.348441][ T531] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 38.352295][ T529] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 38.359920][ T531] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 38.394376][ T524] F2FS-fs (loop2): Found nat_bits in checkpoint [ 38.398378][ T531] F2FS-fs (loop0): fault_injection options not supported [ 38.418278][ T531] F2FS-fs (loop0): fault_type options not supported [ 38.428135][ T531] F2FS-fs (loop0): invalid crc value [ 38.437007][ T529] F2FS-fs (loop4): fault_injection options not supported [ 38.444370][ T529] F2FS-fs (loop4): fault_type options not supported [ 38.452365][ T529] F2FS-fs (loop4): invalid crc value [ 38.459789][ T529] F2FS-fs (loop4): Found nat_bits in checkpoint [ 38.466719][ T531] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 524] <... mount resumed>) = 0 [pid 524] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 524] chdir("./file4") = 0 [pid 524] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 524] ioctl(5, LOOP_CLR_FD) = 0 [pid 524] close(5) = 0 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] fspick(AT_FDCWD, ".", 0) = 5 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... mount resumed>) = 0 [pid 522] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 522] chdir("./file4") = 0 [ 38.494970][ T522] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 38.502376][ T524] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 38.512367][ T524] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 38.520000][ T522] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 522] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 522] ioctl(5, LOOP_CLR_FD) = 0 [pid 522] close(5 [pid 524] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 522] <... close resumed>) = 0 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... open resumed>) = 6 [pid 522] <... futex resumed>) = 0 [pid 521] <... futex resumed>) = 1 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 1 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 522] fspick(AT_FDCWD, ".", 0 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... fspick resumed>) = 5 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... futex resumed>) = 1 [pid 521] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 522] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = 1 [pid 524] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=523}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 524] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=523}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] <... futex resumed>) = 0 [pid 524] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 524] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 523] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 523] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 524] <... futex resumed>) = 0 [pid 523] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 524] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 523] <... futex resumed>) = 0 [pid 524] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 523] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 524] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 524] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 524] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] exit_group(0 [pid 524] <... futex resumed>) = ? [pid 523] <... exit_group resumed>) = ? [pid 524] +++ exited with 0 +++ [pid 523] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=523, si_uid=0, si_status=0, si_utime=2, si_stime=19} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 38.545688][ T524] F2FS-fs (loop2): switch discard_unit option is not allowed [ 38.577226][ T522] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 522] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 521] <... futex resumed>) = 1 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 521] <... futex resumed>) = 1 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 522] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... sendto resumed>) = 28 [pid 521] <... futex resumed>) = 0 [pid 522] recvfrom(3, [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=521}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 522] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=521}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] <... futex resumed>) = 0 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 521] <... futex resumed>) = 0 [pid 522] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 521] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 522] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 521] <... futex resumed>) = 0 [pid 531] <... mount resumed>) = 0 [pid 529] <... mount resumed>) = 0 [pid 522] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 521] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 531] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 529] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 522] <... futex resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 531] <... openat resumed>) = 4 [pid 529] <... openat resumed>) = 4 [pid 522] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 521] <... futex resumed>) = 0 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 531] chdir("./file4" [pid 529] chdir("./file4" [pid 522] <... futex resumed>) = 0 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 531] <... chdir resumed>) = 0 [pid 529] <... chdir resumed>) = 0 [pid 521] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 529] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 522] <... futex resumed>) = 0 [pid 521] <... futex resumed>) = 1 [pid 531] <... openat resumed>) = 5 [pid 529] <... openat resumed>) = 5 [pid 522] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 521] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 531] ioctl(5, LOOP_CLR_FD [pid 529] ioctl(5, LOOP_CLR_FD [pid 522] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 531] <... ioctl resumed>) = 0 [pid 529] <... ioctl resumed>) = 0 [pid 522] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] close(5 [pid 529] close(5 [pid 522] <... futex resumed>) = 1 [pid 521] <... futex resumed>) = 0 [pid 531] <... close resumed>) = 0 [pid 529] <... close resumed>) = 0 [pid 522] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 521] exit_group(0 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = ? [pid 521] <... exit_group resumed>) = ? [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 522] +++ exited with 0 +++ [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 521] +++ exited with 0 +++ [pid 531] fspick(AT_FDCWD, ".", 0 [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... fspick resumed>) = 5 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=521, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] fspick(AT_FDCWD, ".", 0 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 529] <... fspick resumed>) = 5 [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 530] <... futex resumed>) = 0 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 292] <... restart_syscall resumed>) = 0 [pid 531] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [ 38.607925][ T531] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 38.615479][ T529] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 38.622543][ T529] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 38.631820][ T531] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 529] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 531] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 529] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 529] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 528] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 530] <... futex resumed>) = 0 [pid 531] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 529] <... open resumed>) = 6 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... open resumed>) = 6 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 531] <... futex resumed>) = 1 [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 529] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 530] <... futex resumed>) = 0 [pid 529] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 528] <... futex resumed>) = 0 [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 529] sendfile(-1, -1, NULL, 281483568746501 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 531] <... futex resumed>) = 0 [pid 530] <... futex resumed>) = 1 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 531] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 531] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... sendto resumed>) = 28 [pid 528] <... futex resumed>) = 0 [pid 531] sendfile(-1, -1, NULL, 281483568746501 [pid 530] <... futex resumed>) = 0 [pid 529] recvfrom(3, [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=528}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 529] recvfrom(3, [pid 531] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 530] <... futex resumed>) = 0 [pid 529] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=528}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 531] <... sendto resumed>) = 28 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 531] recvfrom(3, [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=530}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 531] recvfrom(3, [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=530}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 534] <... write resumed>) = 20699119 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] munmap(0x7f837a30b000, 138412032 [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 529] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 530] <... futex resumed>) = 0 [pid 531] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 531] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 529] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 534] <... munmap resumed>) = 0 [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 534] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 531] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 530] <... futex resumed>) = 0 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... openat resumed>) = 5 [pid 531] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 529] <... futex resumed>) = 1 [pid 534] ioctl(5, LOOP_SET_FD, 4 [pid 531] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] <... futex resumed>) = 0 [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] <... futex resumed>) = 1 [pid 530] <... futex resumed>) = 0 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 528] <... futex resumed>) = 1 [pid 529] <... futex resumed>) = 0 [pid 531] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 531] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 529] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 531] <... futex resumed>) = 1 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 528] <... futex resumed>) = 0 [pid 529] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 528] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 529] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 530] <... futex resumed>) = 0 [pid 529] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 530] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 529] <... futex resumed>) = 1 [pid 528] <... futex resumed>) = 0 [pid 529] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 528] exit_group(0) = ? [pid 529] <... futex resumed>) = ? [pid 531] <... futex resumed>) = 0 [pid 530] <... futex resumed>) = 1 [pid 530] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 529] +++ exited with 0 +++ [pid 531] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 528] +++ exited with 0 +++ [pid 531] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 531] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=528, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 531] <... futex resumed>) = 1 [pid 295] restart_syscall(<... resuming interrupted clone ...> [pid 531] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 530] <... futex resumed>) = 0 [pid 530] exit_group(0 [pid 531] <... futex resumed>) = ? [pid 530] <... exit_group resumed>) = ? [pid 531] +++ exited with 0 +++ [pid 530] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=530, si_uid=0, si_status=0, si_utime=5, si_stime=23} --- [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 534] <... ioctl resumed>) = 0 [pid 534] close(4) = 0 [pid 534] close(5 [pid 291] <... restart_syscall resumed>) = 0 [pid 534] <... close resumed>) = 0 [pid 291] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 534] mkdir("./file4", 0777 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, [pid 295] <... restart_syscall resumed>) = 0 [pid 291] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 295] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 534] <... mkdir resumed>) = 0 [pid 295] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", [pid 534] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 38.678143][ T531] F2FS-fs (loop0): switch discard_unit option is not allowed [ 38.687034][ T529] F2FS-fs (loop4): switch discard_unit option is not allowed [ 38.729980][ T534] loop3: detected capacity change from 0 to 40427 [ 38.757845][ T534] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 295] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./7/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./7/file4") = 0 [pid 293] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./7/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./7") = 0 [pid 293] mkdir("./8", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 552 [ 38.793120][ T534] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 38.832238][ T534] F2FS-fs (loop3): fault_injection options not supported ./strace-static-x86_64: Process 552 attached [pid 552] set_robust_list(0x55557f749760, 24) = 0 [pid 552] chdir("./8") = 0 [pid 552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 552] setpgid(0, 0) = 0 [pid 552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 552] write(3, "1000", 4) = 4 [pid 552] close(3) = 0 [pid 552] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 552] write(1, "executing program\n", 18) = 18 [pid 552] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 552] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 552] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 552] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 552] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 552] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[555]}, 88) = 555 [pid 552] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 555 attached [pid 555] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 555] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 555] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] <... futex resumed>) = 1 [pid 555] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [ 38.843739][ T534] F2FS-fs (loop3): fault_type options not supported [ 38.863930][ T534] F2FS-fs (loop3): invalid crc value [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 555] memfd_create("syzkaller", 0) = 4 [pid 555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 291] <... umount2 resumed>) = 0 [pid 291] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./8/file4") = 0 [pid 291] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./8/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./8") = 0 [pid 291] mkdir("./9", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 556 ./strace-static-x86_64: Process 556 attached [pid 556] set_robust_list(0x55557f749760, 24) = 0 [pid 556] chdir("./9") = 0 [pid 556] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 556] setpgid(0, 0) = 0 [pid 556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 556] write(3, "1000", 4) = 4 [pid 556] close(3) = 0 [pid 556] symlink("/dev/binderfs", "./binderfs") = 0 [pid 556] write(1, "executing program\n", 18executing program ) = 18 [pid 556] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 556] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 556] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 556] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 556] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 556] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[557]}, 88) = 557 [pid 556] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 557 attached [pid 292] <... umount2 resumed>) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] set_robust_list(0x7f838272b9a0, 24 [pid 292] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 557] <... set_robust_list resumed>) = 0 [pid 557] rt_sigprocmask(SIG_SETMASK, [], [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 557] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 292] newfstatat(AT_FDCWD, "./7/file4", [pid 557] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 557] <... futex resumed>) = 1 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 292] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 556] <... futex resumed>) = 0 [pid 292] <... openat resumed>) = 4 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 557] <... futex resumed>) = 0 [pid 556] <... futex resumed>) = 1 [pid 292] getdents64(4, [pid 557] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] getdents64(4, [pid 557] <... futex resumed>) = 0 [pid 292] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 292] close(4 [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 292] <... close resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] rmdir("./7/file4" [pid 556] <... futex resumed>) = 1 [pid 292] <... rmdir resumed>) = 0 [pid 557] <... futex resumed>) = 0 [pid 292] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 557] bpf(BPF_PROG_LOAD, NULL, 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 557] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 292] newfstatat(AT_FDCWD, "./7/binderfs", [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 557] <... futex resumed>) = 0 [pid 292] unlink("./7/binderfs" [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... unlink resumed>) = 0 [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 292] getdents64(3, [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 557] <... futex resumed>) = 0 [pid 556] <... futex resumed>) = 1 [pid 557] bpf(BPF_PROG_LOAD, NULL, 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] close(3 [pid 557] <... bpf resumed>) = -1 EFAULT (Bad address) [ 38.895091][ T534] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... close resumed>) = 0 [pid 557] <... futex resumed>) = 1 [pid 556] <... futex resumed>) = 0 [pid 292] rmdir("./7" [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 556] <... futex resumed>) = 0 [pid 292] <... rmdir resumed>) = 0 [pid 557] bpf(BPF_MAP_CREATE, NULL, 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 292] mkdir("./8", 0777 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 556] <... futex resumed>) = 0 [pid 292] <... mkdir resumed>) = 0 [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 556] <... futex resumed>) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 557] bpf(BPF_PROG_LOAD, NULL, 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 295] <... umount2 resumed>) = 0 [pid 292] <... openat resumed>) = 3 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] ioctl(3, LOOP_CLR_FD [pid 557] <... futex resumed>) = 1 [pid 556] <... futex resumed>) = 0 [pid 295] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 292] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] close(3 [pid 557] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 556] <... futex resumed>) = 0 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... close resumed>) = 0 [pid 557] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 295] newfstatat(AT_FDCWD, "./7/file4", [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 557] <... socket resumed>) = 3 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 559 attached [pid 559] set_robust_list(0x55557f749760, 24) = 0 [pid 559] chdir("./8") = 0 [pid 559] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 559] setpgid(0, 0) = 0 [pid 559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 559] write(3, "1000", 4) = 4 [pid 559] close(3) = 0 [pid 559] symlink("/dev/binderfs", "./binderfs") = 0 [pid 559] write(1, "executing program\n", 18executing program ) = 18 [pid 559] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 557] <... futex resumed>) = 1 [pid 295] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 559 [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 556] <... futex resumed>) = 0 [pid 295] <... openat resumed>) = 4 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] newfstatat(4, "", [pid 557] <... futex resumed>) = 0 [pid 556] <... futex resumed>) = 1 [pid 295] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 557] bpf(BPF_MAP_CREATE, NULL, 72 [pid 295] getdents64(4, [pid 557] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 0 [pid 295] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 295] getdents64(4, [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 295] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] close(4 [pid 557] <... futex resumed>) = 0 [pid 556] <... futex resumed>) = 1 [pid 295] <... close resumed>) = 0 [pid 557] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 295] rmdir("./7/file4" [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 557] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... futex resumed>) = 0 [pid 556] <... futex resumed>) = 1 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 557] memfd_create("syzkaller", 0 [pid 295] <... rmdir resumed>) = 0 [pid 557] <... memfd_create resumed>) = 4 [pid 295] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 295] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 559] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 559] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 559] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 559] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 559] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[560]}, 88) = 560 [pid 559] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 560 attached [pid 560] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 560] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 560] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./7/binderfs" [pid 559] <... futex resumed>) = 0 [pid 295] <... unlink resumed>) = 0 [pid 295] getdents64(3, [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 559] <... futex resumed>) = 0 [pid 295] close(3 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 295] <... close resumed>) = 0 [pid 295] rmdir("./7" [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_PROG_LOAD, NULL, 0 [pid 295] <... rmdir resumed>) = 0 [pid 295] mkdir("./8", 0777 [pid 560] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 295] <... mkdir resumed>) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 295] <... close resumed>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 560] bpf(BPF_PROG_LOAD, NULL, 0 [pid 295] <... clone resumed>, child_tidptr=0x55557f749750) = 561 [pid 560] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] memfd_create("syzkaller", 0) = 4 [pid 560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 ./strace-static-x86_64: Process 561 attached [pid 561] set_robust_list(0x55557f749760, 24) = 0 [pid 561] chdir("./8") = 0 [pid 561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 561] setpgid(0, 0) = 0 [pid 561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 561] write(3, "1000", 4) = 4 [pid 561] close(3) = 0 [pid 561] symlink("/dev/binderfs", "./binderfs") = 0 [pid 561] write(1, "executing program\n", 18executing program ) = 18 [pid 561] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 561] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 561] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 561] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 561] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 561] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[562]}, 88) = 562 [pid 561] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 562 attached [pid 562] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 534] <... mount resumed>) = 0 [pid 562] rt_sigprocmask(SIG_SETMASK, [], [pid 534] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 562] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 562] bpf(BPF_PROG_LOAD, NULL, 0 [pid 534] <... openat resumed>) = 4 [pid 562] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 534] chdir("./file4" [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 561] <... futex resumed>) = 0 [pid 534] <... chdir resumed>) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 562] <... futex resumed>) = 0 [pid 561] <... futex resumed>) = 1 [pid 534] <... openat resumed>) = 5 [pid 562] bpf(BPF_MAP_CREATE, NULL, 0 [pid 534] ioctl(5, LOOP_CLR_FD [pid 562] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 534] <... ioctl resumed>) = 0 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] close(5 [pid 562] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] bpf(BPF_PROG_LOAD, NULL, 0 [pid 534] <... close resumed>) = 0 [pid 562] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 1 [pid 533] <... futex resumed>) = 0 [pid 562] <... futex resumed>) = 1 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] <... futex resumed>) = 0 [pid 534] fspick(AT_FDCWD, ".", 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 561] <... futex resumed>) = 0 [pid 534] <... fspick resumed>) = 5 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 533] <... futex resumed>) = 0 [pid 534] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 561] <... futex resumed>) = 1 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 0 [pid 562] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 561] <... futex resumed>) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = 0 [pid 561] <... futex resumed>) = 1 [pid 562] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = 0 [pid 561] <... futex resumed>) = 1 [pid 562] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = 0 [pid 561] <... futex resumed>) = 1 [pid 562] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... socket resumed>) = 3 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 561] <... futex resumed>) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 561] <... futex resumed>) = 0 [pid 562] bpf(BPF_MAP_CREATE, NULL, 72 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 562] <... futex resumed>) = 1 [pid 561] <... futex resumed>) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 561] <... futex resumed>) = 0 [pid 562] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] <... futex resumed>) = 1 [pid 533] <... futex resumed>) = 0 [pid 562] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 534] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] <... futex resumed>) = 1 [pid 561] <... futex resumed>) = 0 [pid 533] <... futex resumed>) = 0 [pid 562] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 561] <... futex resumed>) = 0 [pid 534] <... open resumed>) = 6 [pid 562] memfd_create("syzkaller", 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 562] <... memfd_create resumed>) = 4 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 534] <... futex resumed>) = 1 [pid 533] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [ 38.996320][ T534] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 39.033556][ T534] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 533] <... futex resumed>) = 0 [pid 534] sendfile(-1, -1, NULL, 281483568746501 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 534] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 533] <... futex resumed>) = 0 [pid 534] <... sendto resumed>) = 28 [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=533}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 534] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=533}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = 0 [pid 534] <... futex resumed>) = 1 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 533] <... futex resumed>) = 0 [pid 534] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 533] <... futex resumed>) = 0 [pid 534] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 533] <... futex resumed>) = 0 [pid 534] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] <... futex resumed>) = 0 [pid 533] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 534] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 533] <... futex resumed>) = 0 [pid 534] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 533] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 534] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 533] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 534] <... futex resumed>) = 0 [pid 533] exit_group(0) = ? [pid 534] +++ exited with 0 +++ [pid 533] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=533, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 39.064364][ T534] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 555] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 560] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 557] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 562] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 555] <... write resumed>) = 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 555] munmap(0x7f837a30b000, 138412032 [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 555] <... munmap resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 555] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 294] newfstatat(AT_FDCWD, "./8/file4", [pid 555] <... openat resumed>) = 5 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 555] ioctl(5, LOOP_SET_FD, 4 [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 555] <... ioctl resumed>) = 0 [pid 294] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 555] close(4 [pid 294] getdents64(4, [pid 555] <... close resumed>) = 0 [pid 294] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 555] close(5 [pid 294] close(4 [pid 555] <... close resumed>) = 0 [pid 294] <... close resumed>) = 0 [pid 555] mkdir("./file4", 0777 [pid 294] rmdir("./8/file4") = 0 [pid 294] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 555] <... mkdir resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 555] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./8/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./8") = 0 [pid 294] mkdir("./9", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 563 [pid 560] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 563 attached [pid 560] munmap(0x7f837a30b000, 138412032 [pid 563] set_robust_list(0x55557f749760, 24 [pid 560] <... munmap resumed>) = 0 [pid 563] <... set_robust_list resumed>) = 0 [pid 560] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 563] chdir("./9" [pid 560] <... openat resumed>) = 5 [pid 563] <... chdir resumed>) = 0 [pid 560] ioctl(5, LOOP_SET_FD, 4 [pid 563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 563] setpgid(0, 0) = 0 [pid 563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 560] <... ioctl resumed>) = 0 [pid 563] <... openat resumed>) = 3 [pid 560] close(4 [pid 563] write(3, "1000", 4) = 4 [pid 560] <... close resumed>) = 0 [pid 563] close(3 [pid 560] close(5 [pid 563] <... close resumed>) = 0 [pid 560] <... close resumed>) = 0 [pid 563] symlink("/dev/binderfs", "./binderfs" [pid 560] mkdir("./file4", 0777 [pid 563] <... symlink resumed>) = 0 executing program [pid 563] write(1, "executing program\n", 18) = 18 [pid 560] <... mkdir resumed>) = 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 560] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 563] <... futex resumed>) = 0 [pid 563] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 563] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 39.343595][ T555] loop2: detected capacity change from 0 to 40427 [ 39.355513][ T555] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 39.370987][ T555] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 39.380401][ T555] F2FS-fs (loop2): fault_injection options not supported [pid 563] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 563] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 563] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 563] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[564]}, 88) = 564 [pid 563] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 564 attached [pid 557] munmap(0x7f837a30b000, 138412032 [pid 564] set_robust_list(0x7f838272b9a0, 24 [pid 557] <... munmap resumed>) = 0 [pid 564] <... set_robust_list resumed>) = 0 [pid 564] rt_sigprocmask(SIG_SETMASK, [], [pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 564] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 557] <... openat resumed>) = 5 [pid 564] bpf(BPF_PROG_LOAD, NULL, 0 [pid 557] ioctl(5, LOOP_SET_FD, 4 [pid 564] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... ioctl resumed>) = 0 [pid 564] <... futex resumed>) = 1 [pid 563] <... futex resumed>) = 0 [pid 557] close(4 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... close resumed>) = 0 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 557] close(5 [pid 564] bpf(BPF_MAP_CREATE, NULL, 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... close resumed>) = 0 [pid 564] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] mkdir("./file4", 0777 [pid 564] <... futex resumed>) = 1 [pid 563] <... futex resumed>) = 0 [pid 557] <... mkdir resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 563] <... futex resumed>) = 0 [pid 557] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... futex resumed>) = 0 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] bpf(BPF_PROG_LOAD, NULL, 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... bpf resumed>) = -1 EFAULT (Bad address) [ 39.389088][ T555] F2FS-fs (loop2): fault_type options not supported [ 39.396447][ T560] loop1: detected capacity change from 0 to 40427 [ 39.407797][ T560] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 39.410854][ T555] F2FS-fs (loop2): invalid crc value [ 39.420337][ T560] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 39.435005][ T560] F2FS-fs (loop1): fault_injection options not supported [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] <... futex resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] bpf(BPF_PROG_LOAD, NULL, 0 [pid 563] <... futex resumed>) = 0 [pid 564] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] <... futex resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 563] <... futex resumed>) = 0 [pid 564] <... socket resumed>) = 3 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] <... futex resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] bpf(BPF_MAP_CREATE, NULL, 72 [pid 563] <... futex resumed>) = 0 [pid 564] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] <... futex resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 563] <... futex resumed>) = 0 [pid 564] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 564] <... futex resumed>) = 0 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] memfd_create("syzkaller", 0 [pid 563] <... futex resumed>) = 0 [pid 564] <... memfd_create resumed>) = 4 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 562] <... write resumed>) = 20699119 [ 39.442275][ T560] F2FS-fs (loop1): fault_type options not supported [ 39.449332][ T557] loop0: detected capacity change from 0 to 40427 [ 39.450625][ T555] F2FS-fs (loop2): Found nat_bits in checkpoint [ 39.467420][ T560] F2FS-fs (loop1): invalid crc value [pid 562] munmap(0x7f837a30b000, 138412032) = 0 [pid 562] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 562] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 562] close(4) = 0 [pid 562] close(5) = 0 [pid 562] mkdir("./file4", 0777) = 0 [ 39.489238][ T557] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 39.506614][ T557] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 39.517167][ T560] F2FS-fs (loop1): Found nat_bits in checkpoint [ 39.525464][ T562] loop4: detected capacity change from 0 to 40427 [pid 562] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 555] <... mount resumed>) = 0 [pid 555] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 555] chdir("./file4") = 0 [pid 555] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 555] ioctl(5, LOOP_CLR_FD) = 0 [pid 555] close(5) = 0 [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 555] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 555] <... futex resumed>) = 0 [pid 555] fspick(AT_FDCWD, ".", 0) = 5 [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 39.545398][ T557] F2FS-fs (loop0): fault_injection options not supported [ 39.549662][ T555] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 39.552487][ T557] F2FS-fs (loop0): fault_type options not supported [ 39.569327][ T557] F2FS-fs (loop0): invalid crc value [ 39.575796][ T562] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 39.587685][ T555] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 555] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 555] <... futex resumed>) = 0 [pid 552] <... futex resumed>) = 1 [pid 555] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 555] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] <... futex resumed>) = 0 [pid 555] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 555] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=552}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 555] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=552}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 555] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 555] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 555] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 555] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 552] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 555] <... futex resumed>) = 0 [pid 555] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 555] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [ 39.593365][ T562] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 39.613607][ T562] F2FS-fs (loop4): fault_injection options not supported [ 39.620815][ T562] F2FS-fs (loop4): fault_type options not supported [ 39.628778][ T555] F2FS-fs (loop2): switch discard_unit option is not allowed [ 39.638839][ T562] F2FS-fs (loop4): invalid crc value [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 552] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 555] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 555] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 552] <... futex resumed>) = 0 [pid 552] exit_group(0) = ? [pid 555] +++ exited with 0 +++ [pid 552] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=552, si_uid=0, si_status=0, si_utime=2, si_stime=22} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 564] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... restart_syscall resumed>) = 0 [pid 293] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 560] <... mount resumed>) = 0 [pid 560] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 560] chdir("./file4") = 0 [pid 560] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 560] ioctl(5, LOOP_CLR_FD) = 0 [pid 560] close(5) = 0 [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] fspick(AT_FDCWD, ".", 0) = 5 [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [ 39.641269][ T557] F2FS-fs (loop0): Found nat_bits in checkpoint [ 39.660162][ T562] F2FS-fs (loop4): Found nat_bits in checkpoint [ 39.661618][ T560] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 39.684452][ T560] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 560] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 560] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=559}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 560] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=559}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 560] <... futex resumed>) = 1 [pid 560] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 560] <... futex resumed>) = 1 [pid 560] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 560] <... futex resumed>) = 1 [pid 560] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 560] <... futex resumed>) = 1 [pid 560] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 560] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] <... futex resumed>) = 0 [pid 559] exit_group(0) = ? [pid 560] <... futex resumed>) = ? [pid 560] +++ exited with 0 +++ [pid 559] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=559, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 292] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 292] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 562] <... mount resumed>) = 0 [pid 562] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 562] chdir("./file4") = 0 [pid 562] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 562] ioctl(5, LOOP_CLR_FD) = 0 [pid 562] close(5) = 0 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] fspick(AT_FDCWD, ".", 0) = 5 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 39.717734][ T560] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 562] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=561}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 562] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=561}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 562] <... futex resumed>) = 1 [pid 562] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 562] <... futex resumed>) = 1 [pid 562] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 562] <... futex resumed>) = 1 [pid 562] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 561] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 562] <... futex resumed>) = 1 [pid 562] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 562] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 561] <... futex resumed>) = 0 [pid 561] exit_group(0) = ? [pid 562] <... futex resumed>) = ? [pid 562] +++ exited with 0 +++ [pid 561] +++ exited with 0 +++ [pid 557] <... mount resumed>) = 0 [pid 557] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 557] chdir("./file4") = 0 [pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 557] ioctl(5, LOOP_CLR_FD) = 0 [pid 557] close(5) = 0 [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=561, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 295] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 39.758442][ T562] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 39.773637][ T562] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 39.790042][ T562] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 295] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] fspick(AT_FDCWD, ".", 0) = 5 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 564] <... write resumed>) = 20699119 [pid 557] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] sendfile(-1, -1, NULL, 281483568746501 [pid 564] munmap(0x7f837a30b000, 138412032 [pid 557] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [ 39.823901][ T557] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 39.831004][ T557] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 557] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=556}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 564] <... munmap resumed>) = 0 [pid 557] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=556}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 557] <... futex resumed>) = 1 [pid 557] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 564] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 557] <... futex resumed>) = 1 [pid 557] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 557] <... futex resumed>) = 1 [pid 557] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... openat resumed>) = 5 [pid 564] ioctl(5, LOOP_SET_FD, 4 [pid 556] <... futex resumed>) = 0 [pid 556] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 556] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 557] <... futex resumed>) = 1 [pid 557] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 557] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 556] exit_group(0) = ? [pid 557] <... futex resumed>) = ? [pid 557] +++ exited with 0 +++ [pid 556] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=556, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 564] <... ioctl resumed>) = 0 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 564] close(4 [pid 291] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 564] <... close resumed>) = 0 [pid 291] <... openat resumed>) = 3 [pid 564] close(5 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 39.872670][ T557] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 291] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 564] <... close resumed>) = 0 [pid 564] mkdir("./file4", 0777) = 0 [pid 564] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./8/file4") = 0 [pid 293] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./8/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./8") = 0 [ 39.915560][ T564] loop3: detected capacity change from 0 to 40427 [ 39.935589][ T291] bio_check_eod: 13 callbacks suppressed [ 39.935605][ T291] syz-executor130: attempt to access beyond end of device [ 39.935605][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 293] mkdir("./9", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 581 ./strace-static-x86_64: Process 581 attached [pid 292] <... umount2 resumed>) = 0 [pid 581] set_robust_list(0x55557f749760, 24) = 0 [pid 581] chdir("./9") = 0 [pid 581] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 581] setpgid(0, 0) = 0 [pid 581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 292] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 581] <... openat resumed>) = 3 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 581] write(3, "1000", 4 [pid 292] newfstatat(AT_FDCWD, "./8/file4", [pid 581] <... write resumed>) = 4 [pid 581] close(3 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 581] <... close resumed>) = 0 [pid 292] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 581] symlink("/dev/binderfs", "./binderfs" [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 581] <... symlink resumed>) = 0 [pid 292] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 581] write(1, "executing program\n", 18 [pid 292] <... openat resumed>) = 4 [pid 581] <... write resumed>) = 18 [pid 292] newfstatat(4, "", [pid 581] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 581] <... futex resumed>) = 0 [pid 292] getdents64(4, [pid 581] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 581] <... rt_sigaction resumed>NULL, 8) = 0 [pid 292] getdents64(4, [pid 581] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 292] <... getdents64 resumed>0x55557f752830 /* 0 entries */, 32768) = 0 [pid 581] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 292] close(4 [pid 581] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 292] <... close resumed>) = 0 [pid 581] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE [pid 292] rmdir("./8/file4" [pid 581] <... mprotect resumed>) = 0 [pid 292] <... rmdir resumed>) = 0 [pid 581] rt_sigprocmask(SIG_BLOCK, ~[], [pid 292] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 581] <... rt_sigprocmask resumed>[], 8) = 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 581] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 292] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 581] <... clone3 resumed> => {parent_tid=[583]}, 88) = 583 [pid 292] unlink("./8/binderfs" [pid 581] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 292] <... unlink resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] getdents64(3, [pid 581] <... futex resumed>) = 0 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] close(3) = 0 [pid 292] rmdir("./8") = 0 [pid 292] mkdir("./9", 0777) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 583 attached [pid 583] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 292] <... clone resumed>, child_tidptr=0x55557f749750) = 584 [pid 583] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 583] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 ./strace-static-x86_64: Process 584 attached [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] set_robust_list(0x55557f749760, 24 [pid 581] <... futex resumed>) = 0 [pid 584] <... set_robust_list resumed>) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] chdir("./9" [pid 583] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 584] <... chdir resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 581] <... futex resumed>) = 0 [pid 584] <... prctl resumed>) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] setpgid(0, 0 [pid 583] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 584] <... setpgid resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] <... openat resumed>) = 3 [pid 584] write(3, "1000", 4) = 4 [pid 584] close(3) = 0 [pid 584] symlink("/dev/binderfs", "./binderfs" [pid 583] bpf(BPF_PROG_LOAD, NULL, 0executing program [pid 584] <... symlink resumed>) = 0 [pid 584] write(1, "executing program\n", 18) = 18 [pid 584] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 584] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 584] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 584] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 584] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 584] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 583] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 584] <... clone3 resumed> => {parent_tid=[586]}, 88) = 586 [pid 584] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 586 attached ) = 0 [pid 586] set_robust_list(0x7f838272b9a0, 24 [ 39.965152][ T564] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 39.972167][ T564] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 39.990802][ T564] F2FS-fs (loop3): fault_injection options not supported [ 40.008190][ T564] F2FS-fs (loop3): fault_type options not supported [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... set_robust_list resumed>) = 0 [pid 583] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] memfd_create("syzkaller", 0 [pid 586] rt_sigprocmask(SIG_SETMASK, [], [pid 583] <... memfd_create resumed>) = 4 [pid 586] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 586] bpf(BPF_PROG_LOAD, NULL, 0 [pid 583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 586] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 583] <... mmap resumed>) = 0x7f837a30b000 [pid 586] <... futex resumed>) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_MAP_CREATE, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_PROG_LOAD, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_PROG_LOAD, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_MAP_CREATE, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_PROG_LOAD, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... socket resumed>) = 3 [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] bpf(BPF_MAP_CREATE, NULL, 72 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] memfd_create("syzkaller", 0 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... memfd_create resumed>) = 4 [pid 584] <... futex resumed>) = 0 [pid 586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 586] <... mmap resumed>) = 0x7f837a30b000 [ 40.024783][ T564] F2FS-fs (loop3): invalid crc value [pid 295] <... umount2 resumed>) = 0 [pid 295] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 295] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 295] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 295] close(4) = 0 [pid 295] rmdir("./8/file4") = 0 [pid 295] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./8/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./8") = 0 [pid 295] mkdir("./9", 0777) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 40.069085][ T564] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 295] close(3) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 588 ./strace-static-x86_64: Process 588 attached [pid 588] set_robust_list(0x55557f749760, 24) = 0 [pid 588] chdir("./9") = 0 [pid 588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 588] setpgid(0, 0) = 0 [pid 588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 588] write(3, "1000", 4) = 4 [pid 588] close(3) = 0 [pid 588] symlink("/dev/binderfs", "./binderfs") = 0 [pid 588] write(1, "executing program\n", 18executing program ) = 18 [pid 588] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 588] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 588] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 588] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 588] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 588] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[590]}, 88) = 590 [pid 588] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 590 attached [pid 590] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 590] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 590] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] memfd_create("syzkaller", 0) = 4 [pid 590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 564] <... mount resumed>) = 0 [pid 564] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 564] chdir("./file4") = 0 [pid 564] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 564] ioctl(5, LOOP_CLR_FD) = 0 [pid 564] close(5) = 0 [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] fspick(AT_FDCWD, ".", 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... fspick resumed>) = 5 [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... open resumed>) = 6 [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] sendfile(-1, -1, NULL, 281483568746501 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... sendto resumed>) = 28 [pid 564] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=563}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 564] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=563}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 564] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 564] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 564] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 564] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 563] <... futex resumed>) = 0 [pid 564] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 563] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 564] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 564] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 563] <... futex resumed>) = 0 [pid 564] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 563] exit_group(0) = ? [pid 564] <... futex resumed>) = ? [pid 564] +++ exited with 0 +++ [pid 563] +++ exited with 0 +++ [pid 586] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=563, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 291] <... umount2 resumed>) = 0 [pid 294] <... restart_syscall resumed>) = 0 [pid 294] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./9/file4") = 0 [pid 291] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./9/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./9") = 0 [pid 291] mkdir("./10", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 591 [pid 583] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 591 attached [pid 591] set_robust_list(0x55557f749760, 24) = 0 [pid 591] chdir("./10") = 0 [pid 591] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 591] setpgid(0, 0) = 0 [pid 591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 591] write(3, "1000", 4) = 4 [pid 591] close(3) = 0 [pid 591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 591] write(1, "executing program\n", 18executing program ) = 18 [pid 591] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 591] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 40.184218][ T564] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 40.201689][ T564] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 40.221006][ T564] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 591] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 591] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 591] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 591] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[592]}, 88) = 592 [pid 591] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 592 attached [pid 592] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 592] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 592] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 592] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 592] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 591] <... futex resumed>) = 0 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 592] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... futex resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 592] memfd_create("syzkaller", 0) = 4 [pid 592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 40.264502][ T294] syz-executor130: attempt to access beyond end of device [ 40.264502][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 583] <... write resumed>) = 20699119 [pid 583] munmap(0x7f837a30b000, 138412032) = 0 [pid 583] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 583] ioctl(5, LOOP_SET_FD, 4) = 0 [pid 583] close(4) = 0 [pid 583] close(5) = 0 [pid 583] mkdir("./file4", 0777) = 0 [pid 583] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = 0 [ 40.408896][ T583] loop2: detected capacity change from 0 to 40427 [ 40.427808][ T583] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 40.443733][ T583] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 590] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 586] <... write resumed>) = 20699119 [pid 586] munmap(0x7f837a30b000, 138412032 [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 586] <... munmap resumed>) = 0 [pid 586] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 586] ioctl(5, LOOP_SET_FD, 4 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./9/file4") = 0 [pid 294] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./9/binderfs") = 0 [pid 294] getdents64(3, [pid 586] <... ioctl resumed>) = 0 [pid 294] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 586] close(4) = 0 [pid 586] close(5) = 0 [pid 586] mkdir("./file4", 0777 [pid 294] rmdir("./9" [pid 586] <... mkdir resumed>) = 0 [pid 586] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... rmdir resumed>) = 0 [pid 294] mkdir("./10", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 593 [ 40.462892][ T583] F2FS-fs (loop2): fault_injection options not supported [ 40.485407][ T583] F2FS-fs (loop2): fault_type options not supported [ 40.505779][ T586] loop1: detected capacity change from 0 to 40427 ./strace-static-x86_64: Process 593 attached [pid 593] set_robust_list(0x55557f749760, 24) = 0 [pid 593] chdir("./10" [pid 592] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 593] <... chdir resumed>) = 0 [ 40.511815][ T583] F2FS-fs (loop2): invalid crc value [ 40.522235][ T586] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 40.540126][ T586] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 40.541214][ T583] F2FS-fs (loop2): Found nat_bits in checkpoint [ 40.555403][ T586] F2FS-fs (loop1): fault_injection options not supported [pid 593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 593] setpgid(0, 0) = 0 [pid 593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 593] write(3, "1000", 4) = 4 [pid 593] close(3) = 0 [pid 593] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 593] write(1, "executing program\n", 18) = 18 [pid 593] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 593] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 593] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 593] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 593] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[599]}, 88) = 599 [pid 593] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 599 attached [pid 599] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 599] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 599] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... write resumed>) = 20699119 [pid 599] <... futex resumed>) = 1 [pid 593] <... futex resumed>) = 0 [pid 590] munmap(0x7f837a30b000, 138412032 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 599] bpf(BPF_MAP_CREATE, NULL, 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... munmap resumed>) = 0 [pid 599] <... futex resumed>) = 0 [pid 599] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 590] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 590] <... openat resumed>) = 5 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] ioctl(5, LOOP_SET_FD, 4 [pid 599] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... futex resumed>) = 0 [pid 599] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] <... futex resumed>) = 0 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 593] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... socket resumed>) = 3 [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = 0 [pid 593] <... futex resumed>) = 1 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = 0 [pid 593] <... futex resumed>) = 1 [pid 590] <... ioctl resumed>) = 0 [pid 599] memfd_create("syzkaller", 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 590] close(4 [pid 599] <... memfd_create resumed>) = 4 [pid 599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 590] <... close resumed>) = 0 [pid 599] <... mmap resumed>) = 0x7f837a30b000 [pid 590] close(5) = 0 [pid 590] mkdir("./file4", 0777) = 0 [ 40.563210][ T586] F2FS-fs (loop1): fault_type options not supported [ 40.594915][ T586] F2FS-fs (loop1): invalid crc value [ 40.622365][ T586] F2FS-fs (loop1): Found nat_bits in checkpoint [ 40.631676][ T590] loop4: detected capacity change from 0 to 40427 [ 40.653159][ T590] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 590] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 583] <... mount resumed>) = 0 [pid 583] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 583] chdir("./file4") = 0 [pid 583] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 583] ioctl(5, LOOP_CLR_FD) = 0 [pid 583] close(5) = 0 [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] fspick(AT_FDCWD, ".", 0) = 5 [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 40.673793][ T590] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 40.682565][ T590] F2FS-fs (loop4): fault_injection options not supported [ 40.684859][ T583] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 40.690236][ T590] F2FS-fs (loop4): fault_type options not supported [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 583] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=581}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 583] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=581}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 583] <... futex resumed>) = 1 [pid 583] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 583] <... futex resumed>) = 1 [pid 583] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 583] <... futex resumed>) = 1 [pid 583] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 583] <... futex resumed>) = 1 [pid 583] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 583] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... futex resumed>) = 0 [pid 581] exit_group(0) = ? [pid 583] <... futex resumed>) = ? [pid 583] +++ exited with 0 +++ [pid 581] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=581, si_uid=0, si_status=0, si_utime=6, si_stime=23} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 586] <... mount resumed>) = 0 [pid 586] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 586] chdir("./file4") = 0 [pid 586] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 5 [pid 586] ioctl(5, LOOP_CLR_FD [pid 293] <... restart_syscall resumed>) = 0 [pid 586] <... ioctl resumed>) = 0 [pid 586] close(5) = 0 [pid 293] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... write resumed>) = 20699119 [ 40.718576][ T583] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 40.727418][ T590] F2FS-fs (loop4): invalid crc value [ 40.738331][ T583] F2FS-fs (loop2): switch discard_unit option is not allowed [ 40.754660][ T586] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 40.761743][ T586] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 592] munmap(0x7f837a30b000, 138412032 [pid 586] <... futex resumed>) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] fspick(AT_FDCWD, ".", 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... fspick resumed>) = 5 [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... munmap resumed>) = 0 [pid 592] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 592] ioctl(5, LOOP_SET_FD, 4 [pid 586] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... open resumed>) = 6 [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] sendfile(-1, -1, NULL, 281483568746501 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 584] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 584] <... futex resumed>) = 0 [pid 586] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... sendto resumed>) = 28 [pid 586] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=584}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 586] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=584}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 599] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = 0 [pid 586] <... futex resumed>) = 1 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 584] <... futex resumed>) = 0 [pid 586] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 586] <... futex resumed>) = 0 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 584] <... futex resumed>) = 0 [pid 586] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 586] <... futex resumed>) = 0 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 584] <... futex resumed>) = 0 [pid 586] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 586] <... futex resumed>) = 0 [pid 584] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 584] <... futex resumed>) = 0 [pid 586] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 584] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 586] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 586] <... futex resumed>) = 0 [pid 586] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 584] exit_group(0 [pid 586] <... futex resumed>) = ? [pid 584] <... exit_group resumed>) = ? [pid 586] +++ exited with 0 +++ [pid 592] <... ioctl resumed>) = 0 [pid 584] +++ exited with 0 +++ [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=584, si_uid=0, si_status=0, si_utime=3, si_stime=21} --- [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 592] close(4) = 0 [pid 592] close(5) = 0 [pid 592] mkdir("./file4", 0777) = 0 [pid 592] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 292] <... restart_syscall resumed>) = 0 [pid 292] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 40.785331][ T590] F2FS-fs (loop4): Found nat_bits in checkpoint [ 40.803804][ T293] syz-executor130: attempt to access beyond end of device [ 40.803804][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 40.819681][ T586] F2FS-fs (loop1): switch discard_unit option is not allowed [ 40.822703][ T592] loop0: detected capacity change from 0 to 40427 [ 40.860022][ T592] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 40.871155][ T292] syz-executor130: attempt to access beyond end of device [ 40.871155][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 40.893736][ T592] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 292] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 590] <... mount resumed>) = 0 [pid 590] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 590] chdir("./file4") = 0 [pid 590] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 590] ioctl(5, LOOP_CLR_FD) = 0 [pid 590] close(5) = 0 [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] fspick(AT_FDCWD, ".", 0) = 5 [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [ 40.924065][ T592] F2FS-fs (loop0): fault_injection options not supported [ 40.932960][ T592] F2FS-fs (loop0): fault_type options not supported [ 40.941654][ T590] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 40.962439][ T590] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 590] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 590] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=588}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 590] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=588}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 590] <... futex resumed>) = 1 [pid 590] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 590] <... futex resumed>) = 1 [pid 590] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 590] <... futex resumed>) = 1 [pid 590] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 590] <... futex resumed>) = 1 [pid 590] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 590] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 588] <... futex resumed>) = 0 [pid 588] exit_group(0) = ? [pid 590] <... futex resumed>) = ? [pid 590] +++ exited with 0 +++ [pid 588] +++ exited with 0 +++ [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=588, si_uid=0, si_status=0, si_utime=3, si_stime=21} --- [pid 295] restart_syscall(<... resuming interrupted clone ...> [pid 599] <... write resumed>) = 20699119 [pid 295] <... restart_syscall resumed>) = 0 [pid 295] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 295] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 295] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 599] munmap(0x7f837a30b000, 138412032) = 0 [pid 599] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 599] ioctl(5, LOOP_SET_FD, 4 [pid 293] <... umount2 resumed>) = 0 [ 40.970519][ T592] F2FS-fs (loop0): invalid crc value [ 40.987192][ T590] F2FS-fs (loop4): switch discard_unit option is not allowed [ 41.000566][ T592] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./9/file4", [pid 599] <... ioctl resumed>) = 0 [pid 599] close(4 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 599] <... close resumed>) = 0 [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 599] close(5 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 599] <... close resumed>) = 0 [pid 599] mkdir("./file4", 0777 [pid 293] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 599] <... mkdir resumed>) = 0 [pid 293] newfstatat(4, "", [pid 599] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./9/file4") = 0 [pid 293] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./9/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./9") = 0 [pid 293] mkdir("./10", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 610 ./strace-static-x86_64: Process 610 attached [pid 610] set_robust_list(0x55557f749760, 24) = 0 [pid 610] chdir("./10") = 0 [ 41.041083][ T295] syz-executor130: attempt to access beyond end of device [ 41.041083][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 41.056351][ T599] loop3: detected capacity change from 0 to 40427 [pid 610] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 610] setpgid(0, 0) = 0 [pid 610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 610] write(3, "1000", 4) = 4 [pid 610] close(3) = 0 [pid 610] symlink("/dev/binderfs", "./binderfs") = 0 [pid 610] write(1, "executing program\n", 18executing program ) = 18 [pid 610] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 610] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 610] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 610] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 610] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 610] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[612]}, 88) = 612 [pid 610] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... umount2 resumed>) = 0 [pid 292] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 292] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 292] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 292] rmdir("./9/file4") = 0 [pid 292] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./9/binderfs") = 0 [pid 292] getdents64(3, ./strace-static-x86_64: Process 612 attached [pid 612] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 612] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 612] bpf(BPF_PROG_LOAD, NULL, 0 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 292] close(3) = 0 [pid 292] rmdir("./9") = 0 [pid 292] mkdir("./10", 0777 [pid 612] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... mkdir resumed>) = 0 [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 41.088564][ T599] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 41.115095][ T599] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 41.123836][ T592] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 292] close(3 [pid 612] <... futex resumed>) = 1 [pid 610] <... futex resumed>) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 612] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] <... socket resumed>) = 3 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 292] <... close resumed>) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 613 [pid 592] <... mount resumed>) = 0 [pid 592] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 592] chdir("./file4") = 0 [pid 592] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 592] ioctl(5, LOOP_CLR_FD) = 0 [pid 592] close(5 [pid 612] bpf(BPF_MAP_CREATE, NULL, 72 [pid 592] <... close resumed>) = 0 [pid 612] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 610] <... futex resumed>) = 0 [pid 612] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 610] <... futex resumed>) = 0 [pid 612] memfd_create("syzkaller", 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 612] <... memfd_create resumed>) = 4 [pid 612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] fspick(AT_FDCWD, ".", 0) = 5 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 613 attached [pid 613] set_robust_list(0x55557f749760, 24) = 0 [pid 613] chdir("./10") = 0 [pid 613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 613] setpgid(0, 0) = 0 [pid 613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 613] write(3, "1000", 4) = 4 [pid 613] close(3) = 0 [pid 613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 613] write(1, "executing program\n", 18executing program ) = 18 [pid 613] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 613] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 613] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 613] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 613] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 613] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[614]}, 88) = 614 [pid 613] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 614 attached [pid 614] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 614] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 614] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 592] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = 1 [pid 614] bpf(BPF_MAP_CREATE, NULL, 72 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 614] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 614] memfd_create("syzkaller", 0) = 4 [pid 614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [ 41.141855][ T592] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 41.151462][ T599] F2FS-fs (loop3): fault_injection options not supported [ 41.172286][ T599] F2FS-fs (loop3): fault_type options not supported [pid 592] <... open resumed>) = 6 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 28 [pid 592] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=591}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 592] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=591}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 592] <... futex resumed>) = 1 [pid 592] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EFAULT (Bad address) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 592] <... futex resumed>) = 1 [pid 592] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16) = -1 EBADF (Bad file descriptor) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 592] <... futex resumed>) = 1 [pid 592] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 591] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 592] <... futex resumed>) = 1 [pid 592] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 592] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] <... futex resumed>) = 0 [pid 591] exit_group(0) = ? [pid 592] <... futex resumed>) = ? [pid 592] +++ exited with 0 +++ [pid 591] +++ exited with 0 +++ [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=591, si_uid=0, si_status=0, si_utime=8, si_stime=15} --- [pid 291] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 291] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 291] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [ 41.185465][ T592] F2FS-fs (loop0): switch discard_unit option is not allowed [ 41.217910][ T599] F2FS-fs (loop3): invalid crc value [ 41.237881][ T291] syz-executor130: attempt to access beyond end of device [ 41.237881][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 291] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 295] <... umount2 resumed>) = 0 [pid 295] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 295] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 295] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 295] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 295] close(4) = 0 [pid 295] rmdir("./9/file4") = 0 [pid 295] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 295] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 295] unlink("./9/binderfs") = 0 [pid 295] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 295] close(3) = 0 [pid 295] rmdir("./9") = 0 [pid 295] mkdir("./10", 0777) = 0 [pid 295] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 295] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 295] close(3) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 618 ./strace-static-x86_64: Process 618 attached [ 41.274178][ T599] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 618] set_robust_list(0x55557f749760, 24) = 0 [pid 618] chdir("./10") = 0 [pid 618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 618] setpgid(0, 0) = 0 [pid 618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 618] write(3, "1000", 4) = 4 [pid 618] close(3) = 0 [pid 618] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 618] write(1, "executing program\n", 18) = 18 [pid 618] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 618] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 618] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 618] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[619]}, 88) = 619 [pid 618] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 619 attached [pid 619] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 612] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 619] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 619] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 614] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] memfd_create("syzkaller", 0) = 4 [pid 619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 599] <... mount resumed>) = 0 [pid 599] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 599] chdir("./file4") = 0 [pid 599] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 5 [pid 599] ioctl(5, LOOP_CLR_FD) = 0 [pid 599] close(5) = 0 [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] fspick(AT_FDCWD, ".", 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... fspick resumed>) = 5 [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 593] <... futex resumed>) = 0 [pid 599] <... futex resumed>) = 1 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 593] <... futex resumed>) = 0 [pid 599] <... open resumed>) = 6 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 593] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 599] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 593] <... futex resumed>) = 0 [ 41.386866][ T599] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 41.403548][ T599] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 599] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 593] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 599] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] sendfile(-1, -1, NULL, 281483568746501 [pid 593] <... futex resumed>) = 0 [pid 599] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 593] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 599] <... futex resumed>) = 0 [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 593] <... futex resumed>) = 0 [pid 599] <... sendto resumed>) = 28 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=593}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 599] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=593}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 599] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 599] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 599] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 599] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 593] <... futex resumed>) = 0 [pid 599] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 593] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 599] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 599] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 593] <... futex resumed>) = 0 [pid 599] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 593] exit_group(0 [pid 599] <... futex resumed>) = ? [pid 593] <... exit_group resumed>) = ? [pid 599] +++ exited with 0 +++ [pid 593] +++ exited with 0 +++ [pid 291] <... umount2 resumed>) = 0 [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=593, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 291] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 291] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 291] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 291] close(4) = 0 [pid 291] rmdir("./10/file4") = 0 [pid 291] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 291] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 291] unlink("./10/binderfs") = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] close(3) = 0 [pid 291] rmdir("./10") = 0 [ 41.443643][ T599] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 291] mkdir("./11", 0777) = 0 [pid 291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 291] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 291] close(3) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 621 ./strace-static-x86_64: Process 621 attached [pid 621] set_robust_list(0x55557f749760, 24) = 0 [pid 621] chdir("./11") = 0 [pid 621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 621] setpgid(0, 0) = 0 [pid 621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 621] write(3, "1000", 4) = 4 [pid 621] close(3) = 0 [pid 621] symlink("/dev/binderfs", "./binderfs") = 0 [pid 621] write(1, "executing program\n", 18executing program ) = 18 [pid 621] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 621] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 621] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 621] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 621] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 621] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[622]}, 88) = 622 [pid 621] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 41.494327][ T294] syz-executor130: attempt to access beyond end of device [ 41.494327][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... write resumed>) = 20699119 [pid 619] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 612] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 622 attached [pid 612] munmap(0x7f837a30b000, 138412032 [pid 622] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 612] <... munmap resumed>) = 0 [pid 622] rt_sigprocmask(SIG_SETMASK, [], [pid 612] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 622] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 622] bpf(BPF_PROG_LOAD, NULL, 0 [pid 612] <... openat resumed>) = 5 [pid 622] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 612] ioctl(5, LOOP_SET_FD, 4 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 612] <... ioctl resumed>) = 0 [pid 621] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] <... futex resumed>) = 0 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] bpf(BPF_PROG_LOAD, NULL, 0 [pid 621] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 622] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = 0 [pid 621] <... futex resumed>) = 1 [pid 622] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = 0 [pid 621] <... futex resumed>) = 1 [pid 622] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [pid 622] bpf(BPF_MAP_CREATE, NULL, 72 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [pid 622] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 622] memfd_create("syzkaller", 0) = 4 [pid 622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 614] munmap(0x7f837a30b000, 138412032 [pid 612] close(4 [pid 614] <... munmap resumed>) = 0 [pid 612] <... close resumed>) = 0 [pid 614] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 612] close(5) = 0 [pid 614] <... openat resumed>) = 5 [pid 612] mkdir("./file4", 0777 [pid 614] ioctl(5, LOOP_SET_FD, 4 [pid 612] <... mkdir resumed>) = 0 [pid 614] <... ioctl resumed>) = 0 [pid 612] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 41.595003][ T612] loop2: detected capacity change from 0 to 40427 [pid 614] close(4) = 0 [pid 614] close(5) = 0 [pid 614] mkdir("./file4", 0777) = 0 [ 41.644733][ T614] loop1: detected capacity change from 0 to 40427 [ 41.651764][ T612] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 41.673793][ T612] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 41.682246][ T612] F2FS-fs (loop2): fault_injection options not supported [pid 614] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 619] <... write resumed>) = 20699119 [pid 619] munmap(0x7f837a30b000, 138412032) = 0 [pid 619] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [ 41.700603][ T614] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 41.723602][ T614] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 41.730354][ T612] F2FS-fs (loop2): fault_type options not supported [ 41.732045][ T614] F2FS-fs (loop1): fault_injection options not supported [pid 619] ioctl(5, LOOP_SET_FD, 4 [pid 294] <... umount2 resumed>) = 0 [pid 619] <... ioctl resumed>) = 0 [pid 619] close(4) = 0 [pid 619] close(5) = 0 [pid 619] mkdir("./file4", 0777) = 0 [pid 619] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./10/file4") = 0 [pid 294] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./10/binderfs") = 0 [pid 294] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./10") = 0 [pid 294] mkdir("./11", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 628 [ 41.746441][ T612] F2FS-fs (loop2): invalid crc value [ 41.767725][ T619] loop4: detected capacity change from 0 to 40427 [ 41.773639][ T614] F2FS-fs (loop1): fault_type options not supported [ 41.775602][ T612] F2FS-fs (loop2): Found nat_bits in checkpoint [ 41.793969][ T614] F2FS-fs (loop1): invalid crc value ./strace-static-x86_64: Process 628 attached [pid 628] set_robust_list(0x55557f749760, 24) = 0 [pid 628] chdir("./11") = 0 [pid 628] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 628] setpgid(0, 0) = 0 [pid 628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 628] write(3, "1000", 4) = 4 [pid 628] close(3) = 0 [pid 628] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 628] write(1, "executing program\n", 18) = 18 [pid 628] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 628] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, [pid 622] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 628] <... rt_sigaction resumed>NULL, 8) = 0 [pid 628] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f838270b000 [pid 628] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 628] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 628] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} => {parent_tid=[630]}, 88) = 630 [pid 628] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 630 attached [ 41.800731][ T619] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 41.826388][ T619] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 41.839938][ T619] F2FS-fs (loop4): fault_injection options not supported [pid 630] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 630] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 630] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 628] <... futex resumed>) = 0 [pid 630] bpf(BPF_MAP_CREATE, NULL, 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] bpf(BPF_PROG_LOAD, NULL, 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] bpf(BPF_PROG_LOAD, NULL, 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] bpf(BPF_MAP_CREATE, NULL, 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EINVAL (Invalid argument) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] bpf(BPF_PROG_LOAD, NULL, 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... socket resumed>) = 3 [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] bpf(BPF_MAP_CREATE, NULL, 72 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 628] <... futex resumed>) = 0 [pid 630] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 630] <... futex resumed>) = 0 [pid 628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 630] memfd_create("syzkaller", 0 [pid 628] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 630] <... memfd_create resumed>) = 4 [pid 628] <... futex resumed>) = 0 [pid 630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 628] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 630] <... mmap resumed>) = 0x7f837a30b000 [pid 612] <... mount resumed>) = 0 [pid 612] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 612] chdir("./file4") = 0 [pid 612] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 5 [pid 612] ioctl(5, LOOP_CLR_FD) = 0 [pid 612] close(5) = 0 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 41.848637][ T614] F2FS-fs (loop1): Found nat_bits in checkpoint [ 41.849083][ T619] F2FS-fs (loop4): fault_type options not supported [ 41.865835][ T619] F2FS-fs (loop4): invalid crc value [ 41.887738][ T619] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] <... futex resumed>) = 0 [pid 612] fspick(AT_FDCWD, ".", 0) = 5 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] <... futex resumed>) = 0 [pid 612] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 612] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] <... futex resumed>) = 0 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 610] <... futex resumed>) = 0 [pid 612] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... mount resumed>) = 0 [pid 612] <... sendto resumed>) = 28 [pid 610] <... futex resumed>) = 0 [pid 614] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 612] recvfrom(3, [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... openat resumed>) = 4 [pid 612] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=610}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 612] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=610}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] chdir("./file4" [pid 612] <... futex resumed>) = 1 [pid 610] <... futex resumed>) = 0 [pid 614] <... chdir resumed>) = 0 [ 41.915939][ T612] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 41.923041][ T612] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 41.954228][ T612] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 610] <... futex resumed>) = 0 [pid 614] <... openat resumed>) = 5 [pid 612] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] ioctl(5, LOOP_CLR_FD [pid 612] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 614] <... ioctl resumed>) = 0 [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] close(5 [pid 612] <... futex resumed>) = 1 [pid 610] <... futex resumed>) = 0 [pid 614] <... close resumed>) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = 1 [pid 610] <... futex resumed>) = 1 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 613] <... futex resumed>) = 0 [pid 612] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 622] <... write resumed>) = 20699119 [pid 614] <... futex resumed>) = 0 [pid 613] <... futex resumed>) = 1 [pid 612] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 622] munmap(0x7f837a30b000, 138412032 [pid 614] fspick(AT_FDCWD, ".", 0) = 5 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 612] <... futex resumed>) = 1 [pid 610] <... futex resumed>) = 0 [pid 614] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... munmap resumed>) = 0 [pid 614] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 613] <... futex resumed>) = 0 [pid 612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 610] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 619] <... mount resumed>) = 0 [pid 619] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 4 [pid 619] chdir("./file4") = 0 [pid 619] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 5 [pid 619] ioctl(5, LOOP_CLR_FD) = 0 [pid 619] close(5) = 0 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] fspick(AT_FDCWD, ".", 0) = 5 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 622] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 614] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 622] <... openat resumed>) = 5 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 622] ioctl(5, LOOP_SET_FD, 4 [pid 614] <... futex resumed>) = 1 [pid 610] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 612] <... futex resumed>) = 0 [pid 610] <... futex resumed>) = 1 [pid 622] <... ioctl resumed>) = 0 [pid 614] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 612] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 610] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 612] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 612] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 612] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 622] close(4 [pid 614] <... open resumed>) = 6 [pid 610] exit_group(0 [pid 622] <... close resumed>) = 0 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] close(5 [pid 610] <... exit_group resumed>) = ? [pid 614] <... futex resumed>) = 1 [pid 622] <... close resumed>) = 0 [pid 622] mkdir("./file4", 0777 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] <... futex resumed>) = 0 [pid 612] <... futex resumed>) = ? [pid 622] <... mkdir resumed>) = 0 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 612] +++ exited with 0 +++ [pid 610] +++ exited with 0 +++ [pid 622] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 41.971858][ T614] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 41.981767][ T619] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 41.989078][ T614] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 41.996939][ T619] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 614] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 613] <... futex resumed>) = 0 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=610, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 614] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 613] <... futex resumed>) = 0 [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 618] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f83826ea000 [pid 618] mprotect(0x7f83826eb000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 618] rt_sigprocmask(SIG_BLOCK, ~[], [pid 614] sendfile(-1, -1, NULL, 281483568746501 [pid 618] <... rt_sigprocmask resumed>[], 8) = 0 [pid 614] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838270a990, parent_tid=0x7f838270a990, exit_signal=0, stack=0x7f83826ea000, stack_size=0x20240, tls=0x7f838270a6c0} [pid 614] <... futex resumed>) = 1 [pid 613] <... futex resumed>) = 0 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... clone3 resumed> => {parent_tid=[637]}, 88) = 637 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 613] <... futex resumed>) = 0 [pid 618] rt_sigprocmask(SIG_SETMASK, [], [pid 614] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 618] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 618] futex(0x7f83827fd738, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... sendto resumed>) = 28 ./strace-static-x86_64: Process 637 attached [pid 618] <... futex resumed>) = 0 [pid 614] recvfrom(3, [pid 618] futex(0x7f83827fd73c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 637] set_robust_list(0x7f838270a9a0, 24 [pid 614] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=613}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 614] recvfrom(3, [pid 637] <... set_robust_list resumed>) = 0 [pid 614] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=613}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 637] rt_sigprocmask(SIG_SETMASK, [], [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 637] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 614] <... futex resumed>) = 1 [pid 613] <... futex resumed>) = 0 [pid 637] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 613] <... futex resumed>) = 0 [pid 614] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 613] <... futex resumed>) = 0 [pid 637] <... open resumed>) = 6 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 637] futex(0x7f83827fd73c, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 613] <... futex resumed>) = 0 [pid 637] <... futex resumed>) = 1 [pid 618] <... futex resumed>) = 0 [pid 614] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 637] futex(0x7f83827fd738, FUTEX_WAIT_PRIVATE, 0, NULL [pid 618] futex(0x7f83827fd738, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 637] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 618] <... futex resumed>) = 0 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 637] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 618] futex(0x7f83827fd73c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] <... futex resumed>) = 1 [pid 613] <... futex resumed>) = 0 [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 613] <... futex resumed>) = 0 [pid 614] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 614] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 619] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 42.026475][ T614] F2FS-fs (loop1): switch discard_unit option is not allowed [ 42.036551][ T619] F2FS-fs (loop4): switch discard_unit option is not allowed [ 42.044538][ T622] loop0: detected capacity change from 0 to 40427 [ 42.057371][ T622] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 42.064883][ T293] syz-executor130: attempt to access beyond end of device [ 42.064883][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.073658][ T622] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 42.094427][ T637] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 42.106194][ T637] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 42.114629][ T637] CPU: 1 PID: 637 Comm: syz-executor130 Not tainted 6.1.138-syzkaller-00002-g13ff1300ee84 #0 [ 42.124805][ T637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 42.134867][ T637] RIP: 0010:update_sit_entry+0x4f9/0x15a0 [ 42.140619][ T637] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 7e 14 8d ff 48 8b 1b 4c 01 f3 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 55 0f 00 00 44 0f b6 23 44 89 e0 44 08 f8 [ 42.160227][ T637] RSP: 0000:ffffc90001906e00 EFLAGS: 00010246 [ 42.166294][ T637] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 42.174265][ T637] RDX: ffff88810d069440 RSI: 0000000000000000 RDI: 0000000000000000 [ 42.182238][ T637] RBP: ffffc90001906ed0 R08: ffff88810d069440 R09: 0000000000000003 [ 42.190217][ T637] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000 [ 42.198218][ T637] R13: ffff88810c0bc0c8 R14: 0000000000000000 R15: 0000000000000080 [ 42.206191][ T637] FS: 00007f838270a6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 42.215119][ T637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.221710][ T637] CR2: 00007f83827290f8 CR3: 00000001221b5000 CR4: 00000000003506a0 [ 42.229685][ T637] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 42.237652][ T637] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 42.245627][ T637] Call Trace: [ 42.248946][ T637] [ 42.251964][ T637] ? __kasan_check_write+0x14/0x20 [ 42.257087][ T637] ? ktime_get_coarse_with_offset+0x153/0x1a0 [ 42.263172][ T637] f2fs_allocate_data_block+0x148c/0x3af0 [ 42.268903][ T637] ? __cfi__raw_spin_lock+0x10/0x10 [ 42.274112][ T637] ? _raw_spin_unlock+0x4c/0x70 [ 42.278975][ T637] ? f2fs_inode_dirtied+0x308/0x360 [ 42.284178][ T637] ? __cfi_f2fs_allocate_data_block+0x10/0x10 [ 42.290260][ T637] ? f2fs_mark_inode_dirty_sync+0x13e/0x1c0 [ 42.296179][ T637] ? inc_valid_block_count+0x5af/0xa00 [ 42.301660][ T637] f2fs_map_blocks+0x11a8/0x3a60 [ 42.306615][ T637] ? __cfi_f2fs_map_blocks+0x10/0x10 [ 42.311909][ T637] ? do_syscall_64+0x4c/0xa0 [ 42.316505][ T637] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 42.322584][ T637] f2fs_iomap_begin+0x1f5/0x920 [ 42.327438][ T637] ? __cfi_f2fs_iomap_begin+0x10/0x10 [ 42.332836][ T637] iomap_iter+0x5b7/0xb30 [ 42.337174][ T637] ? __cfi_f2fs_iomap_begin+0x10/0x10 [ 42.342631][ T637] __iomap_dio_rw+0xc34/0x1bd0 [ 42.347401][ T637] ? __cfi___iomap_dio_rw+0x10/0x10 [ 42.352617][ T637] ? down_read_trylock+0x273/0x640 [ 42.357764][ T637] ? fault_in_readable+0xf3/0x150 [ 42.362787][ T637] ? fault_in_iov_iter_readable+0x2cd/0x320 [ 42.368684][ T637] f2fs_file_write_iter+0x1559/0x2550 [ 42.374073][ T637] ? __cfi_f2fs_file_write_iter+0x10/0x10 [ 42.379799][ T637] ? kvm_sched_clock_read+0x18/0x40 [ 42.385006][ T637] ? __this_cpu_preempt_check+0x13/0x20 [ 42.390580][ T637] ? avc_policy_seqno+0x1b/0x70 [ 42.395443][ T637] ? fsnotify_perm+0x67/0x5b0 [ 42.400120][ T637] ? security_file_permission+0x8a/0xb0 [ 42.405675][ T637] do_iter_write+0x650/0xb10 [ 42.410280][ T637] ? _copy_from_user+0x8f/0xc0 [ 42.415046][ T637] ? vfs_iter_write+0xa0/0xa0 [ 42.419731][ T637] ? import_iovec+0x7c/0xb0 [ 42.424237][ T637] vfs_writev+0x30b/0x590 [ 42.428570][ T637] ? do_writev+0x2b0/0x2b0 [ 42.432984][ T637] ? _raw_spin_lock_irq+0x8f/0xe0 [ 42.438020][ T637] ? __fdget+0x19c/0x220 [ 42.442272][ T637] ? __se_sys_pwritev2+0xad/0x2b0 [ 42.447303][ T637] __se_sys_pwritev2+0x1a9/0x2b0 [ 42.452248][ T637] ? __x64_sys_pwritev2+0xd0/0xd0 [ 42.457281][ T637] ? fpregs_restore_userregs+0x128/0x260 [ 42.462919][ T637] __x64_sys_pwritev2+0xbf/0xd0 [ 42.467789][ T637] x64_sys_call+0x2d6/0x9a0 [ 42.472292][ T637] do_syscall_64+0x4c/0xa0 [ 42.476711][ T637] ? clear_bhb_loop+0x15/0x70 [ 42.481386][ T637] ? clear_bhb_loop+0x15/0x70 [ 42.486067][ T637] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 42.491968][ T637] RIP: 0033:0x7f8382771129 [ 42.496382][ T637] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 42.515988][ T637] RSP: 002b:00007f838270a148 EFLAGS: 00000212 ORIG_RAX: 0000000000000148 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 613] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 614] <... futex resumed>) = 0 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 613] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 619] <... futex resumed>) = 0 [pid 618] <... futex resumed>) = 1 [pid 614] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] <... futex resumed>) = 0 [pid 619] sendfile(-1, -1, NULL, 281483568746501 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 613] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 614] <... futex resumed>) = 0 [pid 619] <... sendfile resumed>) = -1 EBADF (Bad file descriptor) [pid 614] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 613] exit_group(0 [pid 619] <... futex resumed>) = 1 [pid 618] <... futex resumed>) = 0 [pid 613] <... exit_group resumed>) = ? [pid 619] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... futex resumed>) = ? [ 42.524403][ T637] RAX: ffffffffffffffda RBX: 00007f83827fd738 RCX: 00007f8382771129 [ 42.532377][ T637] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000006 [ 42.540350][ T637] RBP: 00007f83827fd730 R08: 0000000000000007 R09: 0000000000000003 [ 42.548324][ T637] R10: 0000000000002000 R11: 0000000000000212 R12: 00007f83827fd73c [ 42.556295][ T637] R13: 000000000000006e R14: 00007fff7fbb1200 R15: 00007fff7fbb12e8 [ 42.564294][ T637] [ 42.567316][ T637] Modules linked in: [ 42.571483][ T622] F2FS-fs (loop0): fault_injection options not supported [pid 619] <... sendto resumed>) = 28 [pid 618] <... futex resumed>) = 0 [pid 619] recvfrom(3, [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... recvfrom resumed>[{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=618}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 619] recvfrom(3, [pid 614] +++ exited with 0 +++ [pid 613] +++ exited with 0 +++ [pid 619] <... recvfrom resumed>[{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=618}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 292] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=613, si_uid=0, si_status=0, si_utime=2, si_stime=21} --- [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] restart_syscall(<... resuming interrupted clone ...> [pid 619] <... futex resumed>) = 1 [pid 618] <... futex resumed>) = 0 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 619] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 618] <... futex resumed>) = 0 [pid 619] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 618] <... futex resumed>) = 0 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 619] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 618] <... futex resumed>) = 0 [pid 619] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 619] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 292] <... restart_syscall resumed>) = 0 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 618] <... futex resumed>) = 0 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 619] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 618] <... futex resumed>) = 0 [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 619] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 292] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 619] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 292] <... openat resumed>) = 3 [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] newfstatat(3, "", [pid 619] <... futex resumed>) = 1 [pid 618] <... futex resumed>) = 0 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 618] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] getdents64(3, [pid 619] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 618] <... futex resumed>) = 0 [pid 292] <... getdents64 resumed>0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 619] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 618] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 292] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 619] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 619] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 618] <... futex resumed>) = 0 [ 42.573538][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 42.573553][ T28] audit: type=1400 audit(1749595040.134:82): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [pid 619] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [ 42.621687][ T28] audit: type=1400 audit(1749595040.134:83): avc: denied { search } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 42.622014][ T292] syz-executor130: attempt to access beyond end of device [ 42.622014][ T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.658457][ T622] F2FS-fs (loop0): fault_type options not supported [ 42.673649][ T28] audit: type=1400 audit(1749595040.134:84): avc: denied { write } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 42.694044][ T622] F2FS-fs (loop0): invalid crc value [ 42.718612][ T622] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 630] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 42.725109][ T28] audit: type=1400 audit(1749595040.134:85): avc: denied { add_name } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [pid 618] exit_group(0 [pid 619] <... futex resumed>) = ? [pid 618] <... exit_group resumed>) = ? [pid 619] +++ exited with 0 +++ [pid 293] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 630] <... write resumed>) = 20699119 [ 42.771184][ T28] audit: type=1400 audit(1749595040.134:86): avc: denied { create } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 42.791925][ T28] audit: type=1400 audit(1749595040.134:87): avc: denied { append open } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 630] munmap(0x7f837a30b000, 138412032 [pid 293] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x55557f752830 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./10/file4") = 0 [pid 293] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./10/binderfs") = 0 [pid 293] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./10") = 0 [pid 293] mkdir("./11", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557f749750) = 642 [pid 630] <... munmap resumed>) = 0 [pid 630] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 642 attached ) = 5 [pid 642] set_robust_list(0x55557f749760, 24) = 0 [ 42.815061][ T28] audit: type=1400 audit(1749595040.134:88): avc: denied { getattr } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 42.837887][ T637] ---[ end trace 0000000000000000 ]--- [ 42.838355][ T622] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 42.843410][ T637] RIP: 0010:update_sit_entry+0x4f9/0x15a0 [pid 630] ioctl(5, LOOP_SET_FD, 4 [pid 642] chdir("./11") = 0 [pid 642] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 630] <... ioctl resumed>) = 0 [pid 642] <... prctl resumed>) = 0 [pid 642] setpgid(0, 0 [pid 630] close(4 [pid 642] <... setpgid resumed>) = 0 [pid 642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 630] <... close resumed>) = 0 [pid 642] <... openat resumed>) = 3 [pid 622] <... mount resumed>) = 0 [pid 622] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 642] write(3, "1000", 4 [pid 630] close(5 [pid 642] <... write resumed>) = 4 [pid 642] close(3 [pid 630] <... close resumed>) = 0 [pid 642] <... close resumed>) = 0 [pid 630] mkdir("./file4", 0777 [pid 642] symlink("/dev/binderfs", "./binderfs" [pid 622] <... openat resumed>) = 4 [pid 642] <... symlink resumed>) = 0 executing program [pid 642] write(1, "executing program\n", 18) = 18 [pid 642] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] rt_sigaction(SIGRT_1, {sa_handler=0x7f83827974d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f838273fc20}, NULL, 8) = 0 [pid 642] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 630] <... mkdir resumed>) = 0 [pid 642] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 622] chdir("./file4" [pid 642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 630] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 642] <... mmap resumed>) = 0x7f838270b000 [pid 642] mprotect(0x7f838270c000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 622] <... chdir resumed>) = 0 [pid 642] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 [pid 622] ioctl(5, LOOP_CLR_FD) = 0 [pid 622] close(5) = 0 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 642] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f838272b990, parent_tid=0x7f838272b990, exit_signal=0, stack=0x7f838270b000, stack_size=0x20240, tls=0x7f838272b6c0} [pid 621] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 622] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] fspick(AT_FDCWD, ".", 0) = 5 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [ 42.862413][ T637] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 7e 14 8d ff 48 8b 1b 4c 01 f3 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 55 0f 00 00 44 0f b6 23 44 89 e0 44 08 f8 [ 42.873659][ T622] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 42.883212][ T637] RSP: 0000:ffffc90001906e00 EFLAGS: 00010246 [ 42.896755][ T630] loop3: detected capacity change from 0 to 40427 [ 42.897100][ T637] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 42.912267][ T637] RDX: ffff88810d069440 RSI: 0000000000000000 RDI: 0000000000000000 [pid 622] fsconfig(5, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 642] <... clone3 resumed> => {parent_tid=[643]}, 88) = 643 [pid 642] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 643 attached [pid 643] set_robust_list(0x7f838272b9a0, 24) = 0 [pid 643] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 643] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 643] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 643] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 643] bpf(BPF_PROG_LOAD, NULL, 0 [pid 642] <... futex resumed>) = 0 [pid 643] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC) = 3 [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] bpf(BPF_MAP_CREATE, NULL, 72) = -1 EFAULT (Bad address) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 643] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=NULL, msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL|MSG_BATCH) = -1 EFAULT (Bad address) [pid 643] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 642] <... futex resumed>) = 0 [pid 642] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 642] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 643] memfd_create("syzkaller", 0) = 4 [pid 643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f837a30b000 [pid 622] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = 0 [pid 621] <... futex resumed>) = 1 [ 42.924720][ T630] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 42.926244][ T637] RBP: ffffc90001906ed0 R08: ffff88810d069440 R09: 0000000000000003 [ 42.941973][ T630] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 42.942152][ T622] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 622] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 6 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 622] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] pwritev2(6, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [pid 622] sendfile(-1, -1, NULL, 281483568746501) = -1 EBADF (Bad file descriptor) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = 0 [pid 621] <... futex resumed>) = 1 [pid 622] sendto(3, [{nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}, "\x03\x00\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00"], 28, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] <... sendto resumed>) = 28 [pid 622] recvfrom(3, [{nlmsg_len=472, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=0, nlmsg_seq=0, nlmsg_pid=621}, "\x01\x02\x00\x00\x08\x00\x02\x00\x6e\x66\x63\x00\x06\x00\x01\x00\x18\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00\x08\x00\x04\x00\x00\x00\x00\x00\x08\x00\x05\x00\x1f\x00\x00\x00\x80\x01\x06\x00\x14\x00\x01\x00\x08\x00\x01\x00\x01\x00\x00\x00\x08\x00\x02\x00\x0e\x00\x00\x00\x14\x00\x02\x00\x08\x00\x01\x00\x02\x00\x00\x00\x08\x00\x02\x00\x0b\x00\x00\x00\x14\x00\x03\x00\x08\x00\x01\x00\x03\x00\x00\x00"...], 4096, 0, NULL, NULL) = 472 [pid 622] recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, nlmsg_seq=0, nlmsg_pid=621}, {error=0, msg={nlmsg_len=28, nlmsg_type=0x10 /* NLMSG_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=0, nlmsg_pid=0}}], 4096, 0, NULL, NULL) = 36 [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] <... futex resumed>) = 0 [pid 622] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=28}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 622] <... sendmsg resumed>) = -1 EFAULT (Bad address) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 621] <... futex resumed>) = 0 [pid 622] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=-1}}, 16 [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... bpf resumed>) = -1 EBADF (Bad file descriptor) [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 621] <... futex resumed>) = 0 [pid 622] <... futex resumed>) = 0 [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=550000000} [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 622] <... futex resumed>) = 0 [pid 621] <... futex resumed>) = 1 [pid 622] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 622] futex(0x7f83827fd728, FUTEX_WAIT_PRIVATE, 0, NULL [pid 621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 621] futex(0x7f83827fd728, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... umount2 resumed>) = 0 [pid 621] <... futex resumed>) = 1 [pid 292] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 621] futex(0x7f83827fd72c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=350000000} [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 622] <... futex resumed>) = 0 [pid 292] newfstatat(AT_FDCWD, "./10/file4", [pid 622] ioctl(-1, USB_RAW_IOCTL_EVENT_FETCH [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 622] <... ioctl resumed>, 0x7f838272a110) = -1 EBADF (Bad file descriptor) [pid 292] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 292] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 622] futex(0x7f83827fd72c, FUTEX_WAKE_PRIVATE, 1000000 [pid 292] <... openat resumed>) = 4 [pid 292] newfstatat(4, "", [pid 622] <... futex resumed>) = 1 [pid 621] <... futex resumed>) = 0 [pid 292] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 621] exit_group(0 [pid 292] getdents64(4, [pid 621] <... exit_group resumed>) = ? [pid 292] <... getdents64 resumed>0x55557f752830 /* 2 entries */, 32768) = 48 [pid 622] +++ exited with 0 +++ [pid 621] +++ exited with 0 +++ [pid 292] getdents64(4, 0x55557f752830 /* 0 entries */, 32768) = 0 [pid 292] close(4) = 0 [pid 291] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=621, si_uid=0, si_status=0, si_utime=4, si_stime=23} --- [pid 292] rmdir("./10/file4" [pid 291] restart_syscall(<... resuming interrupted clone ...> [pid 292] <... rmdir resumed>) = 0 [pid 292] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 292] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 292] unlink("./10/binderfs" [pid 291] <... restart_syscall resumed>) = 0 [pid 292] <... unlink resumed>) = 0 [pid 292] getdents64(3, 0x55557f74a7f0 /* 0 entries */, 32768) = 0 [pid 291] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 292] close(3) = 0 [pid 291] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 292] rmdir("./10" [pid 291] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 292] <... rmdir resumed>) = 0 [pid 291] newfstatat(3, "", [pid 292] mkdir("./11", 0777 [pid 291] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 291] getdents64(3, 0x55557f74a7f0 /* 4 entries */, 32768) = 112 [pid 291] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 292] <... mkdir resumed>) = 0 [ 42.980079][ T637] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000 [ 42.983664][ T630] F2FS-fs (loop3): fault_injection options not supported [ 42.993526][ T637] R13: ffff88810c0bc0c8 R14: 0000000000000000 R15: 0000000000000080 [ 43.003391][ T630] F2FS-fs (loop3): fault_type options not supported [ 43.019178][ T630] F2FS-fs (loop3): invalid crc value [pid 292] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 292] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 292] close(3) = 0 [ 43.024909][ T637] FS: 00007f838270a6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 43.038005][ T637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.048331][ T291] syz-executor130: attempt to access beyond end of device [ 43.048331][ T291] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 43.063203][ T637] CR2: 00007f837a8e8000 CR3: 00000001221b5000 CR4: 00000000003506a0 [ 43.064629][ T630] F2FS-fs (loop3): Found nat_bits in checkpoint [ 43.071970][ T637] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.086361][ T637] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.094614][ T637] Kernel panic - not syncing: Fatal exception [ 43.101005][ T637] Kernel Offset: disabled [ 43.105337][ T637] Rebooting in 86400 seconds..