./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2480402068 <...> Warning: Permanently added '10.128.1.190' (ED25519) to the list of known hosts. execve("./syz-executor2480402068", ["./syz-executor2480402068"], 0x7fff03e64010 /* 10 vars */) = 0 brk(NULL) = 0x555587579000 brk(0x555587579d40) = 0x555587579d40 arch_prctl(ARCH_SET_FS, 0x5555875793c0) = 0 set_tid_address(0x555587579690) = 289 set_robust_list(0x5555875796a0, 24) = 0 rseq(0x555587579ce0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2480402068", 4096) = 28 getrandom("\xe7\x1c\x3d\xfc\xf5\x07\xff\xec", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555587579d40 brk(0x55558759ad40) = 0x55558759ad40 brk(0x55558759b000) = 0x55558759b000 mprotect(0x7fc71fc07000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 290 attached , child_tidptr=0x555587579690) = 290 [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 290] set_robust_list(0x5555875796a0, 24) = 0 [pid 289] <... clone resumed>, child_tidptr=0x555587579690) = 291 [pid 290] mkdir("./syzkaller.z5gFpG", 0700 [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 290] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 291 attached [pid 290] chmod("./syzkaller.z5gFpG", 0777./strace-static-x86_64: Process 292 attached [pid 292] set_robust_list(0x5555875796a0, 24) = 0 [pid 292] mkdir("./syzkaller.SBmCXL", 0700 [pid 290] <... chmod resumed>) = 0 [pid 290] chdir("./syzkaller.z5gFpG" [pid 289] <... clone resumed>, child_tidptr=0x555587579690) = 292 [pid 291] set_robust_list(0x5555875796a0, 24 [pid 290] <... chdir resumed>) = 0 [pid 290] unshare(CLONE_NEWPID [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] <... set_robust_list resumed>) = 0 [pid 292] <... mkdir resumed>) = 0 [pid 292] chmod("./syzkaller.SBmCXL", 0777) = 0 [pid 292] chdir("./syzkaller.SBmCXL") = 0 [pid 292] unshare(CLONE_NEWPID) = 0 [pid 290] <... unshare resumed>) = 0 [pid 292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 290] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 292] <... clone resumed>, child_tidptr=0x555587579690) = 293 [pid 290] <... clone resumed>, child_tidptr=0x555587579690) = 294 ./strace-static-x86_64: Process 294 attached [pid 294] set_robust_list(0x5555875796a0, 24) = 0 [pid 294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 294] getppid() = 0 [pid 294] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 294] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 294] unshare(CLONE_NEWNS [pid 291] mkdir("./syzkaller.Xm0cNG", 0700 [pid 294] <... unshare resumed>) = 0 [ 24.128162][ T28] audit: type=1400 audit(1749554351.858:64): avc: denied { execmem } for pid=289 comm="syz-executor248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 294] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 294] unshare(CLONE_NEWCGROUP) = 0 [pid 294] unshare(CLONE_NEWUTS) = 0 [pid 294] unshare(CLONE_SYSVSEM) = 0 [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] getpid() = 1 [pid 294] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 293] set_robust_list(0x5555875796a0, 24) = 0 [pid 293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 293] getppid() = 0 [pid 293] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 293] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 293] unshare(CLONE_NEWNS) = 0 [pid 293] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 293] unshare(CLONE_NEWCGROUP) = 0 [pid 293] unshare(CLONE_NEWUTS) = 0 [pid 293] unshare(CLONE_SYSVSEM) = 0 [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 293] getpid() = 1 [pid 293] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 291] <... mkdir resumed>) = 0 [pid 289] <... clone resumed>, child_tidptr=0x555587579690) = 295 [pid 291] chmod("./syzkaller.Xm0cNG", 0777 [pid 289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 291] <... chmod resumed>) = 0 [pid 291] chdir("./syzkaller.Xm0cNG" [pid 289] <... clone resumed>, child_tidptr=0x555587579690) = 296 [pid 291] <... chdir resumed>) = 0 [pid 291] unshare(CLONE_NEWPID./strace-static-x86_64: Process 295 attached ./strace-static-x86_64: Process 296 attached [pid 295] set_robust_list(0x5555875796a0, 24 [pid 291] <... unshare resumed>) = 0 [pid 291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... set_robust_list resumed>) = 0 [pid 291] <... clone resumed>, child_tidptr=0x555587579690) = 297 [pid 295] mkdir("./syzkaller.KLpHCM", 0700 [pid 296] set_robust_list(0x5555875796a0, 24./strace-static-x86_64: Process 297 attached [pid 295] <... mkdir resumed>) = 0 [pid 296] <... set_robust_list resumed>) = 0 [pid 295] chmod("./syzkaller.KLpHCM", 0777) = 0 [pid 297] set_robust_list(0x5555875796a0, 24 [pid 296] mkdir("./syzkaller.kkHrYj", 0700 [pid 295] chdir("./syzkaller.KLpHCM") = 0 [pid 295] unshare(CLONE_NEWPID) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] <... mkdir resumed>) = 0 [pid 295] <... clone resumed>, child_tidptr=0x555587579690) = 298 [pid 297] <... set_robust_list resumed>) = 0 [pid 296] chmod("./syzkaller.kkHrYj", 0777 [pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 296] <... chmod resumed>) = 0 [pid 296] chdir("./syzkaller.kkHrYj" [pid 297] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 298 attached [pid 296] <... chdir resumed>) = 0 [pid 297] getppid( [pid 296] unshare(CLONE_NEWPID [pid 297] <... getppid resumed>) = 0 [pid 298] set_robust_list(0x5555875796a0, 24 [pid 297] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 296] <... unshare resumed>) = 0 [pid 298] <... set_robust_list resumed>) = 0 [pid 296] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 297] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 296] <... clone resumed>, child_tidptr=0x555587579690) = 299 [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 297] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, ./strace-static-x86_64: Process 299 attached [pid 298] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 298] <... prctl resumed>) = 0 [pid 297] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 298] getppid( [pid 299] set_robust_list(0x5555875796a0, 24) = 0 [pid 298] <... getppid resumed>) = 0 [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 294] <... unshare resumed>) = 0 [pid 294] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC [pid 298] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 299] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 299] <... prctl resumed>) = 0 [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 294] <... openat resumed>) = 3 [pid 299] getppid( [pid 298] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 297] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 294] write(3, "0 65535", 7) = 7 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC [pid 299] <... getppid resumed>) = 0 [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 297] <... prlimit64 resumed>NULL) = 0 [pid 299] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, [pid 298] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 297] unshare(CLONE_NEWNS [pid 294] <... openat resumed>) = 3 [pid 294] write(3, "100000", 6) = 6 [pid 294] close(3) = 0 [pid 294] mkdir("./syz-tmp", 0777 [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 299] <... prlimit64 resumed>NULL) = 0 [pid 298] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 297] <... unshare resumed>) = 0 [pid 294] <... mkdir resumed>) = 0 [pid 294] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 298] <... prlimit64 resumed>NULL) = 0 [ 24.156890][ T28] audit: type=1400 audit(1749554351.888:65): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [pid 297] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 299] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, [pid 294] <... mount resumed>) = 0 [pid 294] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 294] mkdir("./syz-tmp/newroot/dev", 0700) = 0 [pid 294] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 294] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0 [pid 294] mkdir("./syz-tmp/newroot/selinux", 0700) = 0 [pid 294] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 294] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] mkdir("./syz-tmp/newroot/sys", 0700) = 0 [pid 294] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 294] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 294] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0 [pid 294] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 294] mkdir("./syz-tmp/pivot", 0777) = 0 [pid 294] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0 [pid 294] chdir("/") = 0 [pid 294] umount2("./pivot", MNT_DETACH [pid 293] <... unshare resumed>) = 0 [pid 293] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3 [pid 293] write(3, "0 65535", 7) = 7 [pid 293] close(3) = 0 [pid 293] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 293] write(3, "100000", 6) = 6 [pid 293] close(3) = 0 [pid 293] mkdir("./syz-tmp", 0777) = 0 [pid 293] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0 [pid 293] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 293] mkdir("./syz-tmp/newroot/dev", 0700) = 0 [pid 293] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 293] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0 [pid 293] mkdir("./syz-tmp/newroot/selinux", 0700) = 0 [pid 293] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 293] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] mkdir("./syz-tmp/newroot/sys", 0700) = 0 [pid 293] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 298] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 297] <... mount resumed>) = 0 [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 297] unshare(CLONE_NEWIPC [pid 298] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, [pid 297] <... unshare resumed>) = -1 EINVAL (Invalid argument) [pid 298] <... prlimit64 resumed>NULL) = 0 [pid 297] unshare(CLONE_NEWCGROUP [pid 298] unshare(CLONE_NEWNS [pid 297] <... unshare resumed>) = 0 [pid 298] <... unshare resumed>) = 0 [pid 297] unshare(CLONE_NEWUTS [pid 298] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 297] <... unshare resumed>) = 0 [pid 298] <... mount resumed>) = 0 [pid 297] unshare(CLONE_SYSVSEM [pid 298] unshare(CLONE_NEWIPC [pid 297] <... unshare resumed>) = 0 [pid 298] <... unshare resumed>) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 298] unshare(CLONE_NEWCGROUP [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... unshare resumed>) = 0 [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 298] unshare(CLONE_NEWUTS [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... unshare resumed>) = 0 [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 298] unshare(CLONE_SYSVSEM [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... unshare resumed>) = 0 [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 297] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] getpid( [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 297] <... getpid resumed>) = 1 [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC [pid 297] <... capget resumed>{effective=1<) = -1 ENOENT (No such file or directory) [pid 297] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 298] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 297] <... capset resumed>) = 0 [pid 298] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 297] unshare(CLONE_NEWNET [pid 298] getpid() = 1 [pid 298] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 293] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 293] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 293] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0 [pid 293] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 293] mkdir("./syz-tmp/pivot", 0777) = 0 [pid 293] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0 [pid 293] chdir("/") = 0 [pid 293] umount2("./pivot", MNT_DETACH [pid 294] <... umount2 resumed>) = 0 [pid 294] chroot("./newroot") = 0 [pid 294] chdir("/") = 0 [pid 294] mkdir("/dev/gadgetfs", 0777 [pid 299] <... prlimit64 resumed>NULL) = 0 [pid 294] <... mkdir resumed>) = 0 [ 24.199435][ T28] audit: type=1400 audit(1749554351.928:66): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/root/syzkaller.z5gFpG/syz-tmp" dev="sda1" ino=2029 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 24.224795][ T28] audit: type=1400 audit(1749554351.928:67): avc: denied { mount } for pid=294 comm="syz-executor248" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [pid 294] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL [pid 299] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, [pid 298] <... unshare resumed>) = 0 [pid 297] <... unshare resumed>) = 0 [pid 297] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "0 65535", 7) = 7 [pid 297] close(3) = 0 [pid 297] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 297] write(3, "100000", 6) = 6 [pid 297] close(3) = 0 [pid 297] mkdir("./syz-tmp", 0777) = 0 [pid 298] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3 [pid 298] write(3, "0 65535", 7) = 7 [pid 298] close(3) = 0 [pid 298] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 298] write(3, "100000", 6) = 6 [pid 298] close(3) = 0 [pid 298] mkdir("./syz-tmp", 0777) = 0 [pid 297] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0 [pid 297] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 297] mkdir("./syz-tmp/newroot/dev", 0700) = 0 [pid 297] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL [pid 298] mount("", "./syz-tmp", "tmpfs", 0, NULL [pid 297] <... mount resumed>) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 293] chroot("./newroot") = 0 [pid 293] chdir("/") = 0 [pid 293] mkdir("/dev/gadgetfs", 0777) = -1 EEXIST (File exists) [ 24.225591][ T294] request_module fs-gadgetfs succeeded, but still no fs? [ 24.247650][ T28] audit: type=1400 audit(1749554351.938:68): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/root/syzkaller.z5gFpG/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [pid 293] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL [pid 299] <... prlimit64 resumed>NULL) = 0 [pid 293] <... mount resumed>) = -1 ENODEV (No such device) [pid 293] mkdir("/dev/binderfs", 0777) = 0 [pid 293] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0 [pid 293] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 293] mkdir("./0", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 2 [pid 297] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 298] <... mount resumed>) = 0 [pid 297] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0 [pid 298] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 298] mkdir("./syz-tmp/newroot/dev", 0700) = 0 [pid 298] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 297] mkdir("./syz-tmp/newroot/selinux", 0700) = 0 [pid 297] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 298] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 297] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 298] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0 [pid 297] mkdir("./syz-tmp/newroot/sys", 0700) = 0 [pid 297] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 298] mkdir("./syz-tmp/newroot/selinux", 0700) = 0 [pid 298] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 298] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 297] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 298] mkdir("./syz-tmp/newroot/sys", 0700) = 0 [pid 297] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 297] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 298] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 297] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0 [pid 298] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 297] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 298] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 297] mkdir("./syz-tmp/pivot", 0777) = 0 [pid 298] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 297] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0 [pid 297] chdir("/") = 0 [pid 297] umount2("./pivot", MNT_DETACH [pid 298] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0 [pid 298] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 298] mkdir("./syz-tmp/pivot", 0777) = 0 [pid 298] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0 [pid 298] chdir("/") = 0 [pid 298] umount2("./pivot", MNT_DETACH [pid 294] <... mount resumed>) = -1 ENODEV (No such device) [pid 294] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [pid 294] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0 [pid 294] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 294] mkdir("./0", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3executing program ./strace-static-x86_64: Process 301 attached [pid 299] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, [pid 297] <... umount2 resumed>) = 0 [pid 297] chroot("./newroot") = 0 [pid 297] chdir("/") = 0 [pid 297] mkdir("/dev/gadgetfs", 0777) = -1 EEXIST (File exists) [pid 297] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = -1 ENODEV (No such device) [pid 297] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [pid 297] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0 [pid 297] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 297] mkdir("./0", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 2 [pid 294] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 2 ./strace-static-x86_64: Process 303 attached [pid 303] set_robust_list(0x5555875796a0, 24) = 0 [pid 303] chdir("./0") = 0 [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 303] setpgid(0, 0) = 0 [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 303] write(3, "1000", 4) = 4 [pid 303] close(3) = 0 [pid 303] symlink("/dev/binderfs", "./binderfs") = 0 [pid 303] write(1, "executing program\n", 18) = 18 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 303] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 303] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 303] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 303] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 303] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[3]}, 88) = 3 [pid 303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 303] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 304 attached [pid 304] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 304] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 304] memfd_create("syzkaller", 0) = 3 [pid 304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... umount2 resumed>) = 0 [pid 298] chroot("./newroot") = 0 [pid 298] chdir("/") = 0 [pid 298] mkdir("/dev/gadgetfs", 0777) = -1 EEXIST (File exists) [pid 298] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL [pid 301] set_robust_list(0x5555875796a0, 24 [pid 299] <... prlimit64 resumed>NULL) = 0 [pid 298] <... mount resumed>) = -1 ENODEV (No such device) [pid 298] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [ 24.281775][ T28] audit: type=1400 audit(1749554351.938:69): avc: denied { mount } for pid=294 comm="syz-executor248" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 24.305747][ T28] audit: type=1400 audit(1749554351.938:70): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/root/syzkaller.z5gFpG/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [pid 298] mount("binder", "/dev/binderfs", "binder", 0, NULLexecuting program ./strace-static-x86_64: Process 302 attached [pid 301] <... set_robust_list resumed>) = 0 [pid 299] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, [pid 298] <... mount resumed>) = 0 [pid 298] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 298] mkdir("./0", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 2 ./strace-static-x86_64: Process 305 attached [pid 305] set_robust_list(0x5555875796a0, 24) = 0 [pid 305] chdir("./0") = 0 [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 305] setpgid(0, 0) = 0 [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 305] write(3, "1000", 4) = 4 [pid 305] close(3) = 0 [pid 305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 305] write(1, "executing program\n", 18) = 18 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 305] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[3]}, 88) = 3 [pid 305] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 305] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 306 attached [pid 306] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 306] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 306] memfd_create("syzkaller", 0) = 3 [pid 306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 302] set_robust_list(0x5555875796a0, 24 [pid 301] chdir("./0" [pid 299] <... prlimit64 resumed>NULL) = 0 [pid 302] <... set_robust_list resumed>) = 0 [pid 301] <... chdir resumed>) = 0 [pid 299] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 302] chdir("./0" [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 299] unshare(CLONE_NEWNS [pid 302] <... chdir resumed>) = 0 [pid 301] <... prctl resumed>) = 0 [pid 299] <... unshare resumed>) = 0 [pid 301] setpgid(0, 0 [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 301] <... setpgid resumed>) = 0 [pid 302] <... prctl resumed>) = 0 [pid 299] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] setpgid(0, 0 [pid 299] <... mount resumed>) = 0 [pid 302] <... setpgid resumed>) = 0 [pid 301] <... openat resumed>) = 3 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 299] unshare(CLONE_NEWIPC [pid 301] write(3, "1000", 4 [pid 302] <... openat resumed>) = 3 [pid 301] <... write resumed>) = 4 [pid 299] <... unshare resumed>) = -1 EINVAL (Invalid argument) [pid 301] close(3 [pid 299] unshare(CLONE_NEWCGROUP [pid 302] write(3, "1000", 4 [pid 301] <... close resumed>) = 0 [pid 302] <... write resumed>) = 4 [pid 299] <... unshare resumed>) = 0 [pid 302] close(3 [pid 299] unshare(CLONE_NEWUTS [ 24.334749][ T28] audit: type=1400 audit(1749554351.938:71): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/root/syzkaller.z5gFpG/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=10157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 24.364281][ T28] audit: type=1400 audit(1749554351.938:72): avc: denied { unmount } for pid=294 comm="syz-executor248" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [pid 301] symlink("/dev/binderfs", "./binderfs" [pid 302] <... close resumed>) = 0 [pid 299] <... unshare resumed>) = 0 [pid 301] <... symlink resumed>) = 0 [pid 302] symlink("/dev/binderfs", "./binderfs" [pid 299] unshare(CLONE_SYSVSEM [pid 302] <... symlink resumed>) = 0 [pid 299] <... unshare resumed>) = 0 [pid 301] write(1, "executing program\n", 18executing program [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC [pid 302] write(1, "executing program\n", 18 [pid 301] <... write resumed>) = 18 executing program [pid 302] <... write resumed>) = 18 [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC [pid 301] <... futex resumed>) = 0 [pid 301] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 302] <... futex resumed>) = 0 [pid 301] <... rt_sigaction resumed>NULL, 8) = 0 [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 302] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 301] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC [pid 302] <... rt_sigaction resumed>NULL, 8) = 0 [pid 301] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 302] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 301] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC [pid 301] <... mmap resumed>) = 0x7fc71fb1c000 [pid 302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 302] <... mmap resumed>) = 0x7fc71fb1c000 [pid 301] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC [pid 302] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 301] <... mprotect resumed>) = 0 [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 302] <... mprotect resumed>) = 0 [pid 301] rt_sigprocmask(SIG_BLOCK, ~[], [pid 302] rt_sigprocmask(SIG_BLOCK, ~[], [pid 301] <... rt_sigprocmask resumed>[], 8) = 0 [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 302] <... rt_sigprocmask resumed>[], 8) = 0 [pid 301] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 299] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC [pid 302] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 301] <... clone3 resumed> => {parent_tid=[3]}, 88) = 3 [pid 299] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 299] getpid( [pid 302] rt_sigprocmask(SIG_SETMASK, [], [pid 301] rt_sigprocmask(SIG_SETMASK, [], [pid 302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 299] <... getpid resumed>) = 1 [pid 301] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 299] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, [pid 302] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 302] <... futex resumed>) = 0 [pid 299] <... capget resumed>{effective=1<) = 0 [pid 299] capset({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 299] <... capset resumed>) = 0 [pid 299] unshare(CLONE_NEWNET./strace-static-x86_64: Process 307 attached ./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x7fc71fb3c9a0, 24 [pid 307] set_robust_list(0x7fc71fb3c9a0, 24 [pid 308] <... set_robust_list resumed>) = 0 [pid 307] <... set_robust_list resumed>) = 0 [pid 308] rt_sigprocmask(SIG_SETMASK, [], [pid 307] rt_sigprocmask(SIG_SETMASK, [], [pid 308] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 307] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 308] memfd_create("syzkaller", 0 [pid 307] memfd_create("syzkaller", 0) = 3 [pid 308] <... memfd_create resumed>) = 3 [pid 307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... unshare resumed>) = 0 [pid 299] openat(AT_FDCWD, "/proc/sys/net/ipv4/ping_group_range", O_WRONLY|O_CLOEXEC) = 3 [ 24.387639][ T28] audit: type=1400 audit(1749554351.958:73): avc: denied { mounton } for pid=294 comm="syz-executor248" path="/dev/gadgetfs" dev="devtmpfs" ino=570 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [pid 299] write(3, "0 65535", 7) = 7 [pid 299] close(3) = 0 [pid 299] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 299] write(3, "100000", 6) = 6 [pid 299] close(3) = 0 [pid 299] mkdir("./syz-tmp", 0777) = 0 [pid 299] mount("", "./syz-tmp", "tmpfs", 0, NULL) = 0 [pid 299] mkdir("./syz-tmp/newroot", 0777) = 0 [pid 299] mkdir("./syz-tmp/newroot/dev", 0700) = 0 [pid 299] mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 299] mkdir("./syz-tmp/newroot/proc", 0700) = 0 [pid 299] mount("syz-proc", "./syz-tmp/newroot/proc", "proc", 0, NULL) = 0 [pid 299] mkdir("./syz-tmp/newroot/selinux", 0700) = 0 [pid 299] mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 299] mount("/sys/fs/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 299] mkdir("./syz-tmp/newroot/sys", 0700) = 0 [pid 299] mount("/sys", "./syz-tmp/newroot/sys", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 299] mount("/sys/kernel/debug", "./syz-tmp/newroot/sys/kernel/debug", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 299] mount("/sys/fs/smackfs", "./syz-tmp/newroot/sys/fs/smackfs", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 299] mount("/proc/sys/fs/binfmt_misc", "./syz-tmp/newroot/proc/sys/fs/binfmt_misc", NULL, MS_BIND|MS_REC|MS_PRIVATE, NULL) = 0 [pid 299] mkdir("./syz-tmp/newroot/syz-inputs", 0700) = 0 [pid 299] mount("/syz-inputs", "./syz-tmp/newroot/syz-inputs", NULL, MS_RDONLY|MS_BIND|MS_REC|MS_PRIVATE, NULL) = -1 ENOENT (No such file or directory) [pid 299] mkdir("./syz-tmp/pivot", 0777) = 0 [pid 299] pivot_root("./syz-tmp", "./syz-tmp/pivot") = 0 [pid 299] chdir("/") = 0 [pid 299] umount2("./pivot", MNT_DETACH) = 0 [pid 299] chroot("./newroot") = 0 [pid 299] chdir("/") = 0 [pid 299] mkdir("/dev/gadgetfs", 0777) = -1 EEXIST (File exists) [pid 299] mount("gadgetfs", "/dev/gadgetfs", "gadgetfs", 0, NULL) = -1 ENODEV (No such device) [pid 299] mkdir("/dev/binderfs", 0777) = -1 EEXIST (File exists) [pid 299] mount("binder", "/dev/binderfs", "binder", 0, NULL) = 0 [pid 299] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 299] mkdir("./0", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 2 ./strace-static-x86_64: Process 309 attached [pid 309] set_robust_list(0x5555875796a0, 24) = 0 [pid 309] chdir("./0") = 0 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] setpgid(0, 0) = 0 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 309] write(3, "1000", 4) = 4 [pid 309] close(3) = 0 [pid 309] symlink("/dev/binderfs", "./binderfs") = 0 [pid 309] write(1, "executing program\n", 18executing program ) = 18 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 309] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 309] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 309] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 309] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 309] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 309] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[3]}, 88) = 3 [pid 309] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 309] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 310 attached [pid 310] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 310] memfd_create("syzkaller", 0) = 3 [pid 310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 306] <... write resumed>) = 20699119 [pid 306] munmap(0x7fc71771c000, 138412032) = 0 [pid 306] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 306] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 306] close(3) = 0 [pid 306] close(4) = 0 [pid 306] mkdir("./file4", 0777) = 0 [pid 306] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 24.655441][ T306] loop3: detected capacity change from 0 to 40427 [ 24.672080][ T306] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 24.711315][ T306] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 24.719881][ T306] F2FS-fs (loop3): fault_injection options not supported [pid 307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 304] <... write resumed>) = 20699119 [pid 304] munmap(0x7fc71771c000, 138412032) = 0 [pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 24.758929][ T306] F2FS-fs (loop3): fault_type options not supported [ 24.791024][ T306] F2FS-fs (loop3): invalid crc value [pid 304] ioctl(4, LOOP_SET_FD, 3 [pid 308] <... write resumed>) = 20699119 [pid 307] <... write resumed>) = 20699119 [pid 308] munmap(0x7fc71771c000, 138412032 [pid 307] munmap(0x7fc71771c000, 138412032 [pid 308] <... munmap resumed>) = 0 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 308] ioctl(4, LOOP_SET_FD, 3 [pid 307] <... munmap resumed>) = 0 [pid 307] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 307] ioctl(4, LOOP_SET_FD, 3 [pid 304] <... ioctl resumed>) = 0 [pid 304] close(3) = 0 [pid 304] close(4) = 0 [pid 304] mkdir("./file4", 0777) = 0 [pid 304] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 308] <... ioctl resumed>) = 0 [pid 308] close(3 [pid 307] <... ioctl resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 307] close(3 [pid 308] close(4 [pid 307] <... close resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 307] close(4) = 0 [pid 308] mkdir("./file4", 0777 [pid 307] mkdir("./file4", 0777 [pid 308] <... mkdir resumed>) = 0 [pid 308] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 307] <... mkdir resumed>) = 0 [ 24.816226][ T304] loop0: detected capacity change from 0 to 40427 [ 24.825520][ T306] F2FS-fs (loop3): Found nat_bits in checkpoint [ 24.832195][ T308] loop1: detected capacity change from 0 to 40427 [ 24.840254][ T307] loop2: detected capacity change from 0 to 40427 [ 24.844845][ T304] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 24.861944][ T308] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 24.869880][ T307] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 24.884737][ T304] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 24.888054][ T308] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 24.912741][ T307] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 24.925882][ T304] F2FS-fs (loop0): fault_injection options not supported [ 24.939964][ T306] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 24.956414][ T308] F2FS-fs (loop1): fault_injection options not supported [pid 307] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 306] <... mount resumed>) = 0 [pid 306] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 306] chdir("./file4") = 0 [pid 306] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 306] ioctl(4, LOOP_CLR_FD) = 0 [pid 306] close(4) = 0 [pid 306] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 0 [pid 310] <... write resumed>) = 20699119 [pid 306] fspick(AT_FDCWD, ".", 0) = 4 [pid 306] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] <... futex resumed>) = 0 [pid 310] munmap(0x7fc71771c000, 138412032 [ 24.958200][ T307] F2FS-fs (loop2): fault_injection options not supported [ 24.973078][ T306] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 24.984130][ T304] F2FS-fs (loop0): fault_type options not supported [ 24.991280][ T308] F2FS-fs (loop1): fault_type options not supported [ 24.999519][ T307] F2FS-fs (loop2): fault_type options not supported [ 25.007382][ T304] F2FS-fs (loop0): invalid crc value [pid 305] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 306] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] <... munmap resumed>) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 310] ioctl(4, LOOP_SET_FD, 3 [pid 306] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 306] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 0 [pid 306] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 306] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 305] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 306] <... futex resumed>) = 1 [pid 306] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 306] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 305] <... futex resumed>) = 0 [pid 305] close(3) = 0 [pid 305] close(4) = 0 [pid 305] close(5) = 0 [pid 305] close(6) = -1 EBADF (Bad file descriptor) [pid 305] close(7) = -1 EBADF (Bad file descriptor) [pid 305] close(8) = -1 EBADF (Bad file descriptor) [pid 305] close(9) = -1 EBADF (Bad file descriptor) [pid 305] close(10) = -1 EBADF (Bad file descriptor) [pid 305] close(11) = -1 EBADF (Bad file descriptor) [pid 305] close(12) = -1 EBADF (Bad file descriptor) [pid 305] close(13) = -1 EBADF (Bad file descriptor) [pid 305] close(14) = -1 EBADF (Bad file descriptor) [pid 305] close(15) = -1 EBADF (Bad file descriptor) [pid 305] close(16) = -1 EBADF (Bad file descriptor) [pid 305] close(17) = -1 EBADF (Bad file descriptor) [pid 305] close(18) = -1 EBADF (Bad file descriptor) [pid 305] close(19) = -1 EBADF (Bad file descriptor) [pid 305] close(20) = -1 EBADF (Bad file descriptor) [pid 305] close(21) = -1 EBADF (Bad file descriptor) [pid 305] close(22) = -1 EBADF (Bad file descriptor) [pid 305] close(23) = -1 EBADF (Bad file descriptor) [pid 305] close(24) = -1 EBADF (Bad file descriptor) [pid 305] close(25) = -1 EBADF (Bad file descriptor) [pid 305] close(26) = -1 EBADF (Bad file descriptor) [pid 310] <... ioctl resumed>) = 0 [pid 305] close(27) = -1 EBADF (Bad file descriptor) [pid 305] close(28) = -1 EBADF (Bad file descriptor) [pid 305] close(29) = -1 EBADF (Bad file descriptor) [pid 305] exit_group(0) = ? [pid 306] <... futex resumed>) = ? [pid 306] +++ exited with 0 +++ [pid 305] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=9, si_stime=14} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 310] close(3 [pid 298] <... restart_syscall resumed>) = 0 [pid 310] <... close resumed>) = 0 [pid 310] close(4) = 0 [pid 298] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] mkdir("./file4", 0777 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] <... mkdir resumed>) = 0 [pid 298] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... openat resumed>) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 25.014814][ T306] F2FS-fs (loop3): switch discard_unit option is not allowed [ 25.023755][ T310] loop4: detected capacity change from 0 to 40427 [ 25.034393][ T304] F2FS-fs (loop0): Found nat_bits in checkpoint [ 25.035834][ T307] F2FS-fs (loop2): invalid crc value [ 25.051431][ T310] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 25.059025][ T310] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 25.059337][ T298] syz-executor248: attempt to access beyond end of device [ 25.059337][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 25.067702][ T310] F2FS-fs (loop4): fault_injection options not supported [ 25.081611][ T308] F2FS-fs (loop1): invalid crc value [ 25.089173][ T310] F2FS-fs (loop4): fault_type options not supported [ 25.102323][ T310] F2FS-fs (loop4): invalid crc value [ 25.109010][ T307] F2FS-fs (loop2): Found nat_bits in checkpoint [ 25.128934][ T304] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 25.136468][ T304] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 25.138313][ T310] F2FS-fs (loop4): Found nat_bits in checkpoint [ 25.144813][ T308] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 298] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 304] <... mount resumed>) = 0 [pid 304] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 304] chdir("./file4") = 0 [pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 304] ioctl(4, LOOP_CLR_FD) = 0 [pid 304] close(4) = 0 [pid 304] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] fspick(AT_FDCWD, ".", 0 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] <... fspick resumed>) = 4 [pid 304] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 307] <... mount resumed>) = 0 [pid 307] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 307] chdir("./file4") = 0 [pid 307] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 307] ioctl(4, LOOP_CLR_FD) = 0 [pid 307] close(4) = 0 [pid 307] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 307] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 307] fspick(AT_FDCWD, ".", 0 [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... fspick resumed>) = 4 [pid 307] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 307] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] <... futex resumed>) = 0 [pid 301] <... futex resumed>) = 1 [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 25.174765][ T307] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 25.190399][ T307] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 25.212686][ T304] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 307] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 304] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 304] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 304] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 303] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 304] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 304] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 303] <... futex resumed>) = 0 [pid 303] close(3 [pid 304] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 303] <... close resumed>) = 0 [pid 303] close(4) = 0 [pid 303] close(5) = 0 [pid 303] close(6) = -1 EBADF (Bad file descriptor) [pid 303] close(7) = -1 EBADF (Bad file descriptor) [pid 303] close(8) = -1 EBADF (Bad file descriptor) [pid 303] close(9) = -1 EBADF (Bad file descriptor) [pid 303] close(10) = -1 EBADF (Bad file descriptor) [pid 303] close(11) = -1 EBADF (Bad file descriptor) [pid 303] close(12) = -1 EBADF (Bad file descriptor) [pid 303] close(13) = -1 EBADF (Bad file descriptor) [pid 303] close(14) = -1 EBADF (Bad file descriptor) [pid 303] close(15) = -1 EBADF (Bad file descriptor) [pid 303] close(16) = -1 EBADF (Bad file descriptor) [pid 303] close(17) = -1 EBADF (Bad file descriptor) [pid 303] close(18) = -1 EBADF (Bad file descriptor) [pid 303] close(19) = -1 EBADF (Bad file descriptor) [pid 303] close(20) = -1 EBADF (Bad file descriptor) [pid 303] close(21) = -1 EBADF (Bad file descriptor) [pid 303] close(22) = -1 EBADF (Bad file descriptor) [pid 303] close(23) = -1 EBADF (Bad file descriptor) [pid 303] close(24) = -1 EBADF (Bad file descriptor) [pid 303] close(25) = -1 EBADF (Bad file descriptor) [pid 303] close(26) = -1 EBADF (Bad file descriptor) [pid 303] close(27) = -1 EBADF (Bad file descriptor) [pid 303] close(28) = -1 EBADF (Bad file descriptor) [pid 303] close(29) = -1 EBADF (Bad file descriptor) [pid 303] exit_group(0) = ? [pid 307] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 307] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 304] <... futex resumed>) = ? [pid 304] +++ exited with 0 +++ [pid 303] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 294] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 301] <... futex resumed>) = 0 [pid 301] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 307] <... futex resumed>) = 1 [ 25.222868][ T307] F2FS-fs (loop2): switch discard_unit option is not allowed [ 25.248522][ T310] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 25.259718][ T294] syz-executor248: attempt to access beyond end of device [ 25.259718][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 310] <... mount resumed>) = 0 [pid 307] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 310] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 307] <... open resumed>) = 5 [pid 310] chdir("./file4" [pid 307] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... chdir resumed>) = 0 [pid 307] <... futex resumed>) = 1 [pid 301] <... futex resumed>) = 0 [pid 310] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 307] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 310] <... openat resumed>) = 4 [pid 307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] ioctl(4, LOOP_CLR_FD [pid 307] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 310] <... ioctl resumed>) = 0 [pid 301] <... futex resumed>) = 0 [pid 307] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] close(4 [pid 307] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] <... close resumed>) = 0 [pid 307] <... futex resumed>) = 0 [pid 301] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... umount2 resumed>) = 0 [pid 301] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 301] close(3) = 0 [pid 301] close(4) = 0 [pid 301] close(5) = 0 [pid 301] close(6) = -1 EBADF (Bad file descriptor) [pid 301] close(7) = -1 EBADF (Bad file descriptor) [pid 301] close(8) = -1 EBADF (Bad file descriptor) [pid 301] close(9) = -1 EBADF (Bad file descriptor) [pid 301] close(10) = -1 EBADF (Bad file descriptor) [pid 301] close(11) = -1 EBADF (Bad file descriptor) [pid 301] close(12) = -1 EBADF (Bad file descriptor) [pid 301] close(13) = -1 EBADF (Bad file descriptor) [pid 301] close(14) = -1 EBADF (Bad file descriptor) [pid 301] close(15) = -1 EBADF (Bad file descriptor) [pid 301] close(16) = -1 EBADF (Bad file descriptor) [pid 301] close(17) = -1 EBADF (Bad file descriptor) [pid 301] close(18) = -1 EBADF (Bad file descriptor) [pid 301] close(19) = -1 EBADF (Bad file descriptor) [pid 301] close(20) = -1 EBADF (Bad file descriptor) [pid 301] close(21) = -1 EBADF (Bad file descriptor) [pid 301] close(22) = -1 EBADF (Bad file descriptor) [pid 301] close(23) = -1 EBADF (Bad file descriptor) [pid 301] close(24) = -1 EBADF (Bad file descriptor) [pid 301] close(25) = -1 EBADF (Bad file descriptor) [pid 301] close(26 [pid 310] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 307] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 301] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... futex resumed>) = 1 [pid 309] <... futex resumed>) = 0 [pid 301] close(27 [pid 310] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 301] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 309] <... futex resumed>) = 0 [pid 308] <... mount resumed>) = 0 [pid 301] close(28 [pid 298] newfstatat(AT_FDCWD, "./0/file4", [pid 310] fspick(AT_FDCWD, ".", 0 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 301] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 310] <... fspick resumed>) = 4 [pid 308] <... openat resumed>) = 3 [pid 301] close(29 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 310] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] chdir("./file4" [pid 301] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 310] <... futex resumed>) = 1 [pid 309] <... futex resumed>) = 0 [pid 308] <... chdir resumed>) = 0 [pid 301] exit_group(0 [pid 310] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 307] <... futex resumed>) = ? [pid 301] <... exit_group resumed>) = ? [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 310] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 309] <... futex resumed>) = 0 [pid 308] <... openat resumed>) = 4 [pid 307] +++ exited with 0 +++ [pid 301] +++ exited with 0 +++ [pid 298] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 310] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] ioctl(4, LOOP_CLR_FD [pid 298] <... openat resumed>) = 4 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 310] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 308] <... ioctl resumed>) = 0 [pid 298] newfstatat(4, "", [pid 310] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] close(4 [pid 293] <... restart_syscall resumed>) = 0 [pid 308] <... close resumed>) = 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 310] <... futex resumed>) = 1 [pid 308] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 310] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 308] <... futex resumed>) = 1 [pid 298] getdents64(4, [pid 308] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 298] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] getdents64(4, [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 298] close(4 [pid 309] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = 0 [pid 298] <... close resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 309] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] rmdir("./0/file4" [pid 293] newfstatat(3, "", [pid 309] <... futex resumed>) = 1 [pid 298] <... rmdir resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] getdents64(3, [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] newfstatat(AT_FDCWD, "./0/binderfs", [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 302] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 25.275827][ T310] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 25.280717][ T308] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 25.306691][ T308] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 25.319074][ T310] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 310] <... futex resumed>) = 0 [pid 308] <... futex resumed>) = 0 [pid 302] <... futex resumed>) = 1 [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 310] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 310] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] <... futex resumed>) = 0 [pid 308] fspick(AT_FDCWD, ".", 0 [pid 298] unlink("./0/binderfs" [pid 309] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... fspick resumed>) = 4 [pid 309] <... futex resumed>) = 1 [pid 308] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... unlink resumed>) = 0 [pid 309] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 308] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 298] getdents64(3, [pid 308] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] <... futex resumed>) = 0 [pid 298] close(3 [pid 308] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... close resumed>) = 0 [pid 298] rmdir("./0") = 0 [pid 298] mkdir("./1", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 308] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 310] <... futex resumed>) = 0 [pid 310] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 308] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 302] <... futex resumed>) = 0 [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 4 [pid 308] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] <... futex resumed>) = 0 [pid 308] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 310] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 309] <... futex resumed>) = 0 [pid 310] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 309] close(3) = 0 [pid 308] <... open resumed>) = 5 [pid 309] close(4 [pid 308] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... close resumed>) = 0 [pid 308] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 309] close(5 [pid 308] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... close resumed>) = 0 [pid 308] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 302] <... futex resumed>) = 0 [pid 309] close(6 [pid 308] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 302] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 308] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 309] close(7 [pid 308] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] close(8 [pid 308] <... futex resumed>) = 1 [pid 302] <... futex resumed>) = 0 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 308] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 302] close(3 [pid 309] close(9 [pid 302] <... close resumed>) = 0 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(4 [pid 309] close(10 [pid 302] <... close resumed>) = 0 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(5 [pid 309] close(11 [pid 302] <... close resumed>) = 0 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(6 [pid 309] close(12 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(7) = -1 EBADF (Bad file descriptor) [pid 302] close(8) = -1 EBADF (Bad file descriptor) [pid 302] close(9./strace-static-x86_64: Process 333 attached [pid 309] close(13 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] set_robust_list(0x5555875796a0, 24 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(10 [pid 309] close(14 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(11 [pid 309] close(15 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(12 [pid 309] close(16 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(13 [pid 309] close(17 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(14 [pid 309] close(18 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(15 [pid 309] close(19 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(16 [pid 333] <... set_robust_list resumed>) = 0 [pid 309] close(20 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] chdir("./1" [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(17 [pid 333] <... chdir resumed>) = 0 [pid 309] close(21 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(18 [pid 333] <... prctl resumed>) = 0 [pid 309] close(22 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] setpgid(0, 0 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(19 [pid 333] <... setpgid resumed>) = 0 [pid 309] close(23 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(20 [pid 333] <... openat resumed>) = 3 [pid 309] close(24 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] write(3, "1000", 4 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(21 [pid 333] <... write resumed>) = 4 [pid 309] close(25 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] close(3 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(22 [pid 333] <... close resumed>) = 0 [pid 309] close(26 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] symlink("/dev/binderfs", "./binderfs" [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(23 [pid 333] <... symlink resumed>) = 0 [pid 309] close(27 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) executing program [pid 333] write(1, "executing program\n", 18 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(24 [pid 333] <... write resumed>) = 18 [pid 309] close(28 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(25 [pid 333] <... futex resumed>) = 0 [pid 309] close(29 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 309] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(26 [pid 333] <... rt_sigaction resumed>NULL, 8) = 0 [pid 309] exit_group(0 [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 310] <... futex resumed>) = ? [pid 309] <... exit_group resumed>) = ? [pid 302] close(27 [pid 333] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 310] +++ exited with 0 +++ [pid 302] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 302] close(28) = -1 EBADF (Bad file descriptor) [pid 302] close(29) = -1 EBADF (Bad file descriptor) [pid 302] exit_group(0) = ? [pid 333] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 309] +++ exited with 0 +++ [pid 308] <... futex resumed>) = ? [pid 333] <... mmap resumed>) = 0x7fc71fb1c000 [pid 308] +++ exited with 0 +++ [pid 302] +++ exited with 0 +++ [pid 333] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=9, si_stime=19} --- [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=2, si_uid=0, si_status=0, si_utime=9, si_stime=13} --- [pid 333] <... mprotect resumed>) = 0 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 333] rt_sigprocmask(SIG_BLOCK, ~[], [pid 299] <... restart_syscall resumed>) = 0 [pid 333] <... rt_sigprocmask resumed>[], 8) = 0 [pid 297] <... restart_syscall resumed>) = 0 [pid 333] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 299] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 333] <... clone3 resumed> => {parent_tid=[5]}, 88) = 5 [pid 297] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 333] rt_sigprocmask(SIG_SETMASK, [], [pid 299] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 333] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 333] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... openat resumed>) = 3 [pid 297] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 333] <... futex resumed>) = 0 [pid 299] newfstatat(3, "", [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] <... openat resumed>) = 3 [pid 299] getdents64(3, [pid 297] newfstatat(3, "", [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 25.332211][ T293] syz-executor248: attempt to access beyond end of device [ 25.332211][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 25.360724][ T308] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 297] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 334 attached [pid 334] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 334] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 334] memfd_create("syzkaller", 0) = 3 [pid 334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 25.407992][ T299] syz-executor248: attempt to access beyond end of device [ 25.407992][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 25.423764][ T297] syz-executor248: attempt to access beyond end of device [ 25.423764][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 293] <... umount2 resumed>) = 0 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./0/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./0/file4") = 0 [pid 294] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./0/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./0") = 0 [pid 294] mkdir("./1", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 4 [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./0/file4", ./strace-static-x86_64: Process 337 attached [pid 337] set_robust_list(0x5555875796a0, 24) = 0 [pid 337] chdir("./1") = 0 [pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 337] setpgid(0, 0) = 0 [pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./0/file4") = 0 [pid 293] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 337] write(3, "1000", 4) = 4 [pid 337] close(3 [pid 293] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./0/binderfs" [pid 337] <... close resumed>) = 0 [pid 293] <... unlink resumed>) = 0 [pid 293] getdents64(3, [pid 337] symlink("/dev/binderfs", "./binderfs") = 0 [pid 337] write(1, "executing program\n", 18executing program ) = 18 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 337] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 337] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 337] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 337] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 337] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[5]}, 88) = 5 [pid 337] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 337] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 337] <... futex resumed>) = 0 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 338 attached [pid 338] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 338] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 293] rmdir("./0") = 0 [pid 338] memfd_create("syzkaller", 0) = 3 [pid 338] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] mkdir("./1", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 4 ./strace-static-x86_64: Process 339 attached [pid 339] set_robust_list(0x5555875796a0, 24) = 0 [pid 339] chdir("./1") = 0 [pid 339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 339] setpgid(0, 0) = 0 [pid 339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 339] write(3, "1000", 4) = 4 [pid 339] close(3) = 0 [pid 339] symlink("/dev/binderfs", "./binderfs") = 0 [pid 339] write(1, "executing program\n", 18executing program ) = 18 [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 339] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 339] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 339] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 339] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 339] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 339] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[5]}, 88) = 5 [pid 339] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 339] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 340 attached [pid 340] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 340] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 340] memfd_create("syzkaller", 0) = 3 [pid 340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./0/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./0/file4") = 0 [pid 299] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./0/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./0") = 0 [pid 299] mkdir("./1", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 4 [pid 297] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 341 attached [pid 297] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 341] set_robust_list(0x5555875796a0, 24 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 341] <... set_robust_list resumed>) = 0 [pid 297] newfstatat(AT_FDCWD, "./0/file4", [pid 341] chdir("./1" [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 341] <... chdir resumed>) = 0 [pid 297] umount2("./0/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 341] <... prctl resumed>) = 0 [pid 297] openat(AT_FDCWD, "./0/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 341] setpgid(0, 0) = 0 [pid 297] <... openat resumed>) = 4 [pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] newfstatat(4, "", [pid 341] <... openat resumed>) = 3 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 341] write(3, "1000", 4 [pid 297] getdents64(4, [pid 341] <... write resumed>) = 4 [pid 341] close(3 [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 341] <... close resumed>) = 0 [pid 297] getdents64(4, [pid 341] symlink("/dev/binderfs", "./binderfs" [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 executing program [pid 341] <... symlink resumed>) = 0 [pid 297] close(4 [pid 341] write(1, "executing program\n", 18 [pid 297] <... close resumed>) = 0 [pid 341] <... write resumed>) = 18 [pid 297] rmdir("./0/file4" [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... rmdir resumed>) = 0 [pid 341] <... futex resumed>) = 0 [pid 297] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 341] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 341] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 297] newfstatat(AT_FDCWD, "./0/binderfs", [pid 341] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 297] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 341] <... mmap resumed>) = 0x7fc71fb1c000 [pid 297] unlink("./0/binderfs" [pid 341] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 297] <... unlink resumed>) = 0 [pid 341] <... mprotect resumed>) = 0 [pid 297] getdents64(3, [pid 341] rt_sigprocmask(SIG_BLOCK, ~[], [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 341] <... rt_sigprocmask resumed>[], 8) = 0 [pid 297] close(3 [pid 341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 297] <... close resumed>) = 0 [pid 297] rmdir("./0" [pid 341] <... clone3 resumed> => {parent_tid=[5]}, 88) = 5 [pid 341] rt_sigprocmask(SIG_SETMASK, [], [pid 297] <... rmdir resumed>) = 0 [pid 341] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 297] mkdir("./1", 0777 [pid 341] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 297] <... mkdir resumed>) = 0 [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 4 ./strace-static-x86_64: Process 342 attached [pid 342] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 342] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 342] memfd_create("syzkaller", 0) = 3 [pid 342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 343 attached [pid 343] set_robust_list(0x5555875796a0, 24) = 0 [pid 343] chdir("./1") = 0 [pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 343] setpgid(0, 0) = 0 [pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 343] write(3, "1000", 4) = 4 [pid 343] close(3) = 0 [pid 343] symlink("/dev/binderfs", "./binderfs") = 0 [pid 343] write(1, "executing program\n", 18executing program ) = 18 [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 343] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 343] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 343] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 343] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 343] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 343] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[5]}, 88) = 5 [pid 343] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 343] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 344 attached [pid 344] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 344] memfd_create("syzkaller", 0) = 3 [pid 344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 334] <... write resumed>) = 20699119 [pid 334] munmap(0x7fc71771c000, 138412032) = 0 [pid 334] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 334] ioctl(4, LOOP_SET_FD, 3 [pid 338] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 334] <... ioctl resumed>) = 0 [pid 334] close(3) = 0 [pid 334] close(4) = 0 [pid 334] mkdir("./file4", 0777) = 0 [ 25.860819][ T334] loop3: detected capacity change from 0 to 40427 [ 25.881429][ T334] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 25.888649][ T334] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 334] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 25.918190][ T334] F2FS-fs (loop3): fault_injection options not supported [ 25.925517][ T334] F2FS-fs (loop3): fault_type options not supported [ 25.943499][ T334] F2FS-fs (loop3): invalid crc value [pid 344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 340] <... write resumed>) = 20699119 [pid 342] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 338] <... write resumed>) = 20699119 [pid 338] munmap(0x7fc71771c000, 138412032) = 0 [pid 338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 25.971243][ T334] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 338] ioctl(4, LOOP_SET_FD, 3 [pid 340] munmap(0x7fc71771c000, 138412032) = 0 [pid 340] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 340] ioctl(4, LOOP_SET_FD, 3 [pid 338] <... ioctl resumed>) = 0 [pid 338] close(3) = 0 [pid 338] close(4) = 0 [pid 338] mkdir("./file4", 0777) = 0 [pid 338] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 340] <... ioctl resumed>) = 0 [pid 340] close(3) = 0 [pid 340] close(4) = 0 [pid 340] mkdir("./file4", 0777) = 0 [ 26.015762][ T338] loop0: detected capacity change from 0 to 40427 [ 26.024373][ T340] loop2: detected capacity change from 0 to 40427 [ 26.030950][ T338] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 26.043622][ T340] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 26.046044][ T338] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 26.066161][ T340] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 26.066454][ T338] F2FS-fs (loop0): fault_injection options not supported [ 26.083110][ T334] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 26.100386][ T340] F2FS-fs (loop2): fault_injection options not supported [pid 340] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 334] <... mount resumed>) = 0 [pid 334] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 334] chdir("./file4") = 0 [pid 334] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 334] ioctl(4, LOOP_CLR_FD) = 0 [pid 334] close(4 [pid 344] <... write resumed>) = 20699119 [pid 344] munmap(0x7fc71771c000, 138412032) = 0 [pid 344] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 344] ioctl(4, LOOP_SET_FD, 3 [pid 334] <... close resumed>) = 0 [pid 334] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 334] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 333] <... futex resumed>) = 0 [pid 333] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 334] <... futex resumed>) = 0 [pid 334] fspick(AT_FDCWD, ".", 0) = 4 [pid 334] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 333] <... futex resumed>) = 0 [pid 334] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 333] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 344] <... ioctl resumed>) = 0 [pid 333] <... futex resumed>) = 0 [pid 344] close(3 [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 344] <... close resumed>) = 0 [pid 334] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 344] close(4 [pid 334] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 344] <... close resumed>) = 0 [pid 344] mkdir("./file4", 0777) = 0 [ 26.118084][ T334] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 26.129358][ T340] F2FS-fs (loop2): fault_type options not supported [ 26.149461][ T340] F2FS-fs (loop2): invalid crc value [ 26.156123][ T344] loop1: detected capacity change from 0 to 40427 [pid 344] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 342] <... write resumed>) = 20699119 [pid 342] munmap(0x7fc71771c000, 138412032) = 0 [pid 342] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 342] ioctl(4, LOOP_SET_FD, 3 [pid 334] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 334] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 26.169466][ T344] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 26.169770][ T334] F2FS-fs (loop3): switch discard_unit option is not allowed [ 26.181404][ T340] F2FS-fs (loop2): Found nat_bits in checkpoint [ 26.191529][ T344] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 26.195989][ T338] F2FS-fs (loop0): fault_type options not supported [ 26.212987][ T342] loop4: detected capacity change from 0 to 40427 [pid 334] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 333] <... futex resumed>) = 0 [pid 333] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] <... futex resumed>) = 0 [pid 333] <... futex resumed>) = 1 [pid 334] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 334] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 334] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 333] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 334] <... futex resumed>) = 0 [pid 333] <... futex resumed>) = 1 [pid 334] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 333] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 334] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 334] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 333] <... futex resumed>) = 0 [pid 334] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 333] close(3) = 0 [pid 333] close(4 [pid 342] <... ioctl resumed>) = 0 [pid 333] <... close resumed>) = 0 [pid 333] close(5) = 0 [pid 333] close(6) = -1 EBADF (Bad file descriptor) [pid 333] close(7) = -1 EBADF (Bad file descriptor) [pid 333] close(8) = -1 EBADF (Bad file descriptor) [pid 333] close(9) = -1 EBADF (Bad file descriptor) [pid 333] close(10) = -1 EBADF (Bad file descriptor) [pid 333] close(11) = -1 EBADF (Bad file descriptor) [pid 333] close(12) = -1 EBADF (Bad file descriptor) [pid 333] close(13) = -1 EBADF (Bad file descriptor) [pid 333] close(14 [pid 342] close(3) = 0 [pid 333] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] close(15) = -1 EBADF (Bad file descriptor) [pid 333] close(16 [pid 342] close(4 [pid 333] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 333] close(17) = -1 EBADF (Bad file descriptor) [pid 333] close(18) = -1 EBADF (Bad file descriptor) [pid 333] close(19) = -1 EBADF (Bad file descriptor) [pid 333] close(20) = -1 EBADF (Bad file descriptor) [pid 333] close(21) = -1 EBADF (Bad file descriptor) [pid 333] close(22) = -1 EBADF (Bad file descriptor) [pid 333] close(23) = -1 EBADF (Bad file descriptor) [pid 333] close(24) = -1 EBADF (Bad file descriptor) [pid 342] <... close resumed>) = 0 [pid 333] close(25) = -1 EBADF (Bad file descriptor) [pid 333] close(26) = -1 EBADF (Bad file descriptor) [pid 333] close(27) = -1 EBADF (Bad file descriptor) [pid 333] close(28) = -1 EBADF (Bad file descriptor) [pid 333] close(29) = -1 EBADF (Bad file descriptor) [pid 333] exit_group(0 [pid 334] <... futex resumed>) = ? [pid 333] <... exit_group resumed>) = ? [pid 334] +++ exited with 0 +++ [pid 342] mkdir("./file4", 0777) = 0 [pid 333] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 342] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 26.214113][ T338] F2FS-fs (loop0): invalid crc value [ 26.226690][ T344] F2FS-fs (loop1): fault_injection options not supported [ 26.248621][ T342] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 26.256164][ T344] F2FS-fs (loop1): fault_type options not supported [ 26.263929][ T298] syz-executor248: attempt to access beyond end of device [ 26.263929][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 26.266472][ T342] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 26.279548][ T338] F2FS-fs (loop0): Found nat_bits in checkpoint [ 26.288509][ T342] F2FS-fs (loop4): fault_injection options not supported [ 26.301303][ T344] F2FS-fs (loop1): invalid crc value [ 26.307286][ T342] F2FS-fs (loop4): fault_type options not supported [pid 298] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 340] <... mount resumed>) = 0 [pid 340] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 340] chdir("./file4") = 0 [pid 340] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 340] ioctl(4, LOOP_CLR_FD) = 0 [pid 340] close(4) = 0 [pid 340] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 339] <... futex resumed>) = 0 [pid 339] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] <... futex resumed>) = 0 [pid 340] fspick(AT_FDCWD, ".", 0) = 4 [pid 340] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 340] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 339] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 340] <... futex resumed>) = 0 [pid 339] <... futex resumed>) = 1 [ 26.314994][ T340] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 26.322334][ T340] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 26.332393][ T344] F2FS-fs (loop1): Found nat_bits in checkpoint [ 26.358116][ T340] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 340] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 340] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 340] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 339] <... futex resumed>) = 0 [pid 339] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] <... futex resumed>) = 0 [pid 340] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 340] <... open resumed>) = 5 [pid 340] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 339] <... futex resumed>) = 0 [pid 339] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 340] <... futex resumed>) = 0 [pid 340] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 340] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 340] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 339] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 339] close(3) = 0 [pid 339] close(4) = 0 [pid 339] close(5) = 0 [pid 339] close(6) = -1 EBADF (Bad file descriptor) [pid 339] close(7) = -1 EBADF (Bad file descriptor) [pid 339] close(8) = -1 EBADF (Bad file descriptor) [pid 339] close(9) = -1 EBADF (Bad file descriptor) [pid 339] close(10) = -1 EBADF (Bad file descriptor) [pid 339] close(11) = -1 EBADF (Bad file descriptor) [pid 339] close(12) = -1 EBADF (Bad file descriptor) [pid 339] close(13) = -1 EBADF (Bad file descriptor) [pid 339] close(14) = -1 EBADF (Bad file descriptor) [pid 339] close(15) = -1 EBADF (Bad file descriptor) [pid 339] close(16) = -1 EBADF (Bad file descriptor) [pid 339] close(17) = -1 EBADF (Bad file descriptor) [pid 339] close(18) = -1 EBADF (Bad file descriptor) [pid 339] close(19) = -1 EBADF (Bad file descriptor) [pid 339] close(20) = -1 EBADF (Bad file descriptor) [pid 339] close(21) = -1 EBADF (Bad file descriptor) [pid 339] close(22) = -1 EBADF (Bad file descriptor) [pid 339] close(23) = -1 EBADF (Bad file descriptor) [pid 339] close(24) = -1 EBADF (Bad file descriptor) [pid 339] close(25) = -1 EBADF (Bad file descriptor) [pid 339] close(26) = -1 EBADF (Bad file descriptor) [pid 339] close(27) = -1 EBADF (Bad file descriptor) [pid 339] close(28) = -1 EBADF (Bad file descriptor) [pid 339] close(29) = -1 EBADF (Bad file descriptor) [pid 339] exit_group(0 [pid 340] <... futex resumed>) = ? [pid 339] <... exit_group resumed>) = ? [pid 340] +++ exited with 0 +++ [pid 339] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=9, si_stime=19} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 26.366206][ T342] F2FS-fs (loop4): invalid crc value [ 26.384243][ T342] F2FS-fs (loop4): Found nat_bits in checkpoint [ 26.405197][ T338] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 26.413408][ T293] syz-executor248: attempt to access beyond end of device [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 338] <... mount resumed>) = 0 [pid 338] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 338] chdir("./file4") = 0 [pid 338] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 338] ioctl(4, LOOP_CLR_FD [pid 344] <... mount resumed>) = 0 [pid 338] <... ioctl resumed>) = 0 [pid 344] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 338] close(4) = 0 [pid 338] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 342] <... mount resumed>) = 0 [pid 342] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 342] chdir("./file4") = 0 [pid 342] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 338] <... futex resumed>) = 1 [pid 337] <... futex resumed>) = 0 [pid 344] <... openat resumed>) = 3 [pid 338] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 337] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 342] ioctl(4, LOOP_CLR_FD) = 0 [pid 342] close(4) = 0 [pid 342] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 341] <... futex resumed>) = 0 [pid 341] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 342] <... futex resumed>) = 1 [pid 342] fspick(AT_FDCWD, ".", 0) = 4 [pid 337] <... futex resumed>) = 0 [pid 338] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 344] chdir("./file4" [pid 342] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 341] <... futex resumed>) = 0 [pid 341] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 342] <... futex resumed>) = 1 [ 26.413408][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 26.428336][ T338] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 26.428692][ T344] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 26.446261][ T342] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 26.450466][ T344] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 26.460369][ T342] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 342] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 344] <... chdir resumed>) = 0 [pid 338] fspick(AT_FDCWD, ".", 0 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 344] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 338] <... fspick resumed>) = 4 [pid 344] <... openat resumed>) = 4 [pid 338] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 344] ioctl(4, LOOP_CLR_FD [pid 338] <... futex resumed>) = 1 [pid 337] <... futex resumed>) = 0 [pid 338] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 344] <... ioctl resumed>) = 0 [pid 338] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 344] close(4 [pid 337] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 344] <... close resumed>) = 0 [pid 338] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 344] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... futex resumed>) = 0 [pid 338] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 344] <... futex resumed>) = 1 [pid 343] <... futex resumed>) = 0 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 344] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 343] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 344] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 343] <... futex resumed>) = 0 [pid 344] fspick(AT_FDCWD, ".", 0 [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 344] <... fspick resumed>) = 4 [pid 344] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 343] <... futex resumed>) = 0 [pid 344] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 343] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 344] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 343] <... futex resumed>) = 0 [pid 344] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 344] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 342] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 342] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 341] <... futex resumed>) = 0 [pid 341] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 342] <... futex resumed>) = 1 [pid 342] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 342] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 341] <... futex resumed>) = 0 [pid 341] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 341] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 342] <... futex resumed>) = 1 [pid 342] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 342] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 341] <... futex resumed>) = 0 [pid 341] close(3) = 0 [pid 341] close(4) = 0 [pid 341] close(5) = 0 [pid 341] close(6) = -1 EBADF (Bad file descriptor) [pid 341] close(7) = -1 EBADF (Bad file descriptor) [pid 341] close(8) = -1 EBADF (Bad file descriptor) [pid 341] close(9) = -1 EBADF (Bad file descriptor) [pid 341] close(10) = -1 EBADF (Bad file descriptor) [pid 341] close(11) = -1 EBADF (Bad file descriptor) [pid 341] close(12) = -1 EBADF (Bad file descriptor) [pid 341] close(13) = -1 EBADF (Bad file descriptor) [pid 341] close(14) = -1 EBADF (Bad file descriptor) [pid 341] close(15) = -1 EBADF (Bad file descriptor) [pid 341] close(16) = -1 EBADF (Bad file descriptor) [pid 341] close(17) = -1 EBADF (Bad file descriptor) [pid 341] close(18) = -1 EBADF (Bad file descriptor) [pid 341] close(19) = -1 EBADF (Bad file descriptor) [pid 341] close(20) = -1 EBADF (Bad file descriptor) [pid 341] close(21) = -1 EBADF (Bad file descriptor) [pid 341] close(22) = -1 EBADF (Bad file descriptor) [pid 341] close(23) = -1 EBADF (Bad file descriptor) [pid 341] close(24) = -1 EBADF (Bad file descriptor) [pid 341] close(25) = -1 EBADF (Bad file descriptor) [pid 341] close(26) = -1 EBADF (Bad file descriptor) [pid 341] close(27) = -1 EBADF (Bad file descriptor) [pid 341] close(28) = -1 EBADF (Bad file descriptor) [pid 341] close(29) = -1 EBADF (Bad file descriptor) [pid 341] exit_group(0) = ? [pid 342] <... futex resumed>) = ? [pid 342] +++ exited with 0 +++ [pid 341] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 338] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 337] <... futex resumed>) = 0 [pid 338] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 337] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... open resumed>) = 5 [pid 338] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 337] <... futex resumed>) = 0 [pid 338] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 337] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 337] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 338] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 338] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 337] <... futex resumed>) = 0 [pid 338] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 337] close(3 [pid 344] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 337] <... close resumed>) = 0 [pid 344] <... futex resumed>) = 1 [pid 337] close(4 [pid 343] <... futex resumed>) = 0 [pid 299] <... restart_syscall resumed>) = 0 [pid 298] <... umount2 resumed>) = 0 [pid 344] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 337] <... close resumed>) = 0 [pid 343] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 337] close(5 [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] <... futex resumed>) = 0 [pid 344] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 337] <... close resumed>) = 0 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 344] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 344] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 343] <... futex resumed>) = 0 [pid 337] close(6 [pid 343] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 344] <... futex resumed>) = 0 [pid 343] <... futex resumed>) = 1 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 299] <... openat resumed>) = 3 [pid 344] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 344] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 344] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 343] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 337] close(7 [pid 299] newfstatat(3, "", [pid 343] close(3 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] <... close resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 343] close(4 [pid 337] close(8 [pid 299] getdents64(3, [pid 343] <... close resumed>) = 0 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 343] close(5 [pid 337] close(9 [ 26.493416][ T342] F2FS-fs (loop4): switch discard_unit option is not allowed [ 26.502199][ T338] F2FS-fs (loop0): switch discard_unit option is not allowed [ 26.511338][ T344] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 299] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = 0 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(6) = -1 EBADF (Bad file descriptor) [pid 337] close(10 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] close(7 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] newfstatat(AT_FDCWD, "./1/file4", [pid 343] close(8 [pid 337] close(11 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 337] close(12 [pid 343] close(9 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(10 [pid 337] close(13 [pid 298] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... openat resumed>) = 4 [pid 337] close(14 [pid 343] close(11 [pid 298] newfstatat(4, "", [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 343] close(12 [pid 337] close(15 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] getdents64(4, [pid 343] close(13 [pid 337] close(16 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 343] close(14 [pid 337] close(17 [pid 298] getdents64(4, [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 343] close(15 [pid 337] close(18 [pid 298] close(4 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... close resumed>) = 0 [pid 343] close(16 [pid 337] close(19 [pid 298] rmdir("./1/file4" [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(17 [pid 337] close(20 [pid 298] <... rmdir resumed>) = 0 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(18 [pid 337] close(21 [pid 298] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 343] close(19 [pid 337] close(22 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] newfstatat(AT_FDCWD, "./1/binderfs", [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(20 [pid 298] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] close(23 [pid 298] unlink("./1/binderfs" [pid 343] close(21 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... unlink resumed>) = 0 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] close(24 [pid 343] close(22 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] getdents64(3, [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] close(25 [pid 343] close(23 [pid 298] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(24 [pid 337] close(26 [pid 298] close(3 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... close resumed>) = 0 [pid 343] close(25 [pid 337] close(27 [pid 298] rmdir("./1" [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... rmdir resumed>) = 0 [pid 337] close(28 [pid 343] close(26 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] mkdir("./2", 0777 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] close(29 [pid 298] <... mkdir resumed>) = 0 [pid 337] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 343] close(27 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 337] exit_group(0 [pid 343] close(28 [pid 298] <... openat resumed>) = 3 [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 338] <... futex resumed>) = ? [pid 337] <... exit_group resumed>) = ? [pid 343] close(29 [pid 338] +++ exited with 0 +++ [pid 298] ioctl(3, LOOP_CLR_FD [pid 337] +++ exited with 0 +++ [pid 343] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 343] exit_group(0 [pid 298] close(3 [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 344] <... futex resumed>) = ? [pid 343] <... exit_group resumed>) = ? [pid 344] +++ exited with 0 +++ [pid 298] <... close resumed>) = 0 [pid 343] +++ exited with 0 +++ [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] <... restart_syscall resumed>) = 0 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 294] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 6 [pid 297] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [ 26.545424][ T299] syz-executor248: attempt to access beyond end of device [ 26.545424][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 executing program [pid 294] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... openat resumed>) = 3 [pid 297] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] newfstatat(3, "", [pid 297] <... openat resumed>) = 3 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] newfstatat(3, "", [pid 294] getdents64(3, [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] getdents64(3, [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 365 attached [pid 365] set_robust_list(0x5555875796a0, 24) = 0 [pid 365] chdir("./2") = 0 [pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 365] setpgid(0, 0) = 0 [pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 365] write(3, "1000", 4) = 4 [pid 365] close(3) = 0 [pid 365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 365] write(1, "executing program\n", 18) = 18 [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 365] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 365] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 365] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 365] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 365] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[7]}, 88) = 7 [pid 365] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 365] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 366 attached [pid 366] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 366] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 366] memfd_create("syzkaller", 0) = 3 [pid 366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 26.587224][ T294] syz-executor248: attempt to access beyond end of device [ 26.587224][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 26.603277][ T297] syz-executor248: attempt to access beyond end of device [ 26.603277][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./1/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./1/file4") = 0 [pid 293] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./1/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./1") = 0 [pid 293] mkdir("./2", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 6 ./strace-static-x86_64: Process 367 attached [pid 367] set_robust_list(0x5555875796a0, 24) = 0 [pid 367] chdir("./2") = 0 [pid 367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 367] setpgid(0, 0) = 0 [pid 367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 367] write(3, "1000", 4) = 4 [pid 367] close(3) = 0 [pid 367] symlink("/dev/binderfs", "./binderfs") = 0 [pid 367] write(1, "executing program\n", 18executing program ) = 18 [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 367] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 367] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 367] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 367] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 367] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 367] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[7]}, 88) = 7 [pid 367] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 367] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 368 attached [pid 368] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 368] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 368] memfd_create("syzkaller", 0) = 3 [pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 366] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 299] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./1/file4", [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./1/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 299] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... openat resumed>) = 4 [pid 294] newfstatat(4, "", [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, [pid 299] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./1/file4") = 0 [pid 294] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... openat resumed>) = 4 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./1/binderfs" [pid 299] newfstatat(4, "", [pid 294] <... unlink resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./1") = 0 [pid 299] getdents64(4, [pid 294] mkdir("./2", 0777 [pid 299] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, [pid 294] <... mkdir resumed>) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 299] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4 [pid 294] <... openat resumed>) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] <... close resumed>) = 0 [pid 294] close(3 [pid 299] rmdir("./1/file4" [pid 294] <... close resumed>) = 0 [pid 299] <... rmdir resumed>) = 0 [pid 299] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./1/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./1") = 0 [pid 299] mkdir("./2", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 6 [pid 297] <... umount2 resumed>) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 6 ./strace-static-x86_64: Process 370 attached [pid 297] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 369 attached [pid 369] set_robust_list(0x5555875796a0, 24) = 0 [pid 369] chdir("./2" [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 369] <... chdir resumed>) = 0 [pid 297] newfstatat(AT_FDCWD, "./1/file4", [pid 370] set_robust_list(0x5555875796a0, 24 [pid 369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 369] setpgid(0, 0) = 0 [pid 370] <... set_robust_list resumed>) = 0 [pid 297] umount2("./1/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 370] chdir("./2" [pid 369] write(3, "1000", 4) = 4 [pid 369] close(3) = 0 [pid 369] symlink("/dev/binderfs", "./binderfs" [pid 297] openat(AT_FDCWD, "./1/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 369] <... symlink resumed>) = 0 [pid 297] <... openat resumed>) = 4 [pid 369] write(1, "executing program\n", 18 [pid 370] <... chdir resumed>) = 0 executing program [pid 297] newfstatat(4, "", [pid 369] <... write resumed>) = 18 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] getdents64(4, [pid 369] <... futex resumed>) = 0 [pid 369] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 370] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 370] <... prctl resumed>) = 0 [pid 369] <... rt_sigaction resumed>NULL, 8) = 0 [pid 297] getdents64(4, [pid 369] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 369] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 370] setpgid(0, 0 [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4 [pid 370] <... setpgid resumed>) = 0 [pid 297] <... close resumed>) = 0 [pid 297] rmdir("./1/file4" [pid 370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] <... rmdir resumed>) = 0 [pid 297] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 370] <... openat resumed>) = 3 [pid 369] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 297] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 370] write(3, "1000", 4 [pid 297] unlink("./1/binderfs" [pid 369] <... mprotect resumed>) = 0 [pid 297] <... unlink resumed>) = 0 [pid 370] <... write resumed>) = 4 [pid 297] getdents64(3, [pid 370] close(3 [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3 [pid 370] <... close resumed>) = 0 [pid 297] <... close resumed>) = 0 [pid 297] rmdir("./1" [pid 370] symlink("/dev/binderfs", "./binderfs" [pid 297] <... rmdir resumed>) = 0 [pid 297] mkdir("./2", 0777 [pid 369] rt_sigprocmask(SIG_BLOCK, ~[], [pid 370] <... symlink resumed>) = 0 [pid 297] <... mkdir resumed>) = 0 [pid 369] <... rt_sigprocmask resumed>[], 8) = 0 executing program [pid 370] write(1, "executing program\n", 18 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 369] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 297] <... openat resumed>) = 3 [pid 370] <... write resumed>) = 18 [pid 297] ioctl(3, LOOP_CLR_FD [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 297] close(3 [pid 370] <... futex resumed>) = 0 [pid 370] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 297] <... close resumed>) = 0 [pid 370] <... rt_sigaction resumed>NULL, 8) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 369] <... clone3 resumed> => {parent_tid=[7]}, 88) = 7 [pid 369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 370] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 369] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 370] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 297] <... clone resumed>, child_tidptr=0x555587579690) = 6 [pid 370] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 370] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 370] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 370] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[7]}, 88) = 7 [pid 370] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 371 attached [pid 370] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 371] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 371] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 371] memfd_create("syzkaller", 0./strace-static-x86_64: Process 372 attached ) = 3 [pid 371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 372] set_robust_list(0x5555875796a0, 24) = 0 [pid 372] chdir("./2") = 0 [pid 372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 372] setpgid(0, 0./strace-static-x86_64: Process 373 attached [pid 373] set_robust_list(0x7fc71fb3c9a0, 24 [pid 372] <... setpgid resumed>) = 0 [pid 372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 373] <... set_robust_list resumed>) = 0 [pid 373] rt_sigprocmask(SIG_SETMASK, [], [pid 372] <... openat resumed>) = 3 [pid 372] write(3, "1000", 4 [pid 373] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 372] <... write resumed>) = 4 [pid 372] close(3) = 0 [pid 372] symlink("/dev/binderfs", "./binderfs" [pid 373] memfd_create("syzkaller", 0 [pid 372] <... symlink resumed>) = 0 [pid 372] write(1, "executing program\n", 18 [pid 373] <... memfd_create resumed>) = 3 executing program [pid 373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 372] <... write resumed>) = 18 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 373] <... mmap resumed>) = 0x7fc71771c000 [pid 372] <... futex resumed>) = 0 [pid 372] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 372] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 372] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 372] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 372] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 372] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[7]}, 88) = 7 [pid 372] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 372] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 374 attached [pid 374] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 374] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 374] memfd_create("syzkaller", 0) = 3 [pid 374] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 366] <... write resumed>) = 20699119 [pid 366] munmap(0x7fc71771c000, 138412032) = 0 [pid 366] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 366] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 366] close(3) = 0 [pid 366] close(4) = 0 [pid 366] mkdir("./file4", 0777) = 0 [ 27.047174][ T366] loop3: detected capacity change from 0 to 40427 [ 27.069531][ T366] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 366] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 374] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 368] <... write resumed>) = 20699119 [pid 368] munmap(0x7fc71771c000, 138412032) = 0 [pid 368] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 27.097629][ T366] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 27.130397][ T366] F2FS-fs (loop3): fault_injection options not supported [ 27.137478][ T366] F2FS-fs (loop3): fault_type options not supported [pid 368] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 368] close(3) = 0 [pid 368] close(4) = 0 [pid 368] mkdir("./file4", 0777) = 0 [ 27.153462][ T368] loop2: detected capacity change from 0 to 40427 [ 27.172241][ T366] F2FS-fs (loop3): invalid crc value [ 27.179739][ T368] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 368] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 373] <... write resumed>) = 20699119 [pid 373] munmap(0x7fc71771c000, 138412032) = 0 [ 27.200386][ T368] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 27.208689][ T368] F2FS-fs (loop2): fault_injection options not supported [ 27.222104][ T368] F2FS-fs (loop2): fault_type options not supported [ 27.241039][ T368] F2FS-fs (loop2): invalid crc value [ 27.241243][ T366] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 373] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 373] close(3) = 0 [pid 373] close(4) = 0 [pid 373] mkdir("./file4", 0777) = 0 [pid 373] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 371] <... write resumed>) = 20699119 [pid 374] <... write resumed>) = 20699119 [pid 371] munmap(0x7fc71771c000, 138412032 [pid 374] munmap(0x7fc71771c000, 138412032 [pid 371] <... munmap resumed>) = 0 [pid 371] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 27.256133][ T373] loop0: detected capacity change from 0 to 40427 [ 27.275125][ T373] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 27.287733][ T373] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 27.296961][ T368] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 371] ioctl(4, LOOP_SET_FD, 3 [pid 374] <... munmap resumed>) = 0 [pid 374] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 374] ioctl(4, LOOP_SET_FD, 3 [pid 371] <... ioctl resumed>) = 0 [pid 371] close(3) = 0 [pid 371] close(4) = 0 [pid 371] mkdir("./file4", 0777) = 0 [pid 371] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 374] <... ioctl resumed>) = 0 [pid 374] close(3) = 0 [pid 374] close(4) = 0 [pid 374] mkdir("./file4", 0777) = 0 [ 27.312239][ T371] loop4: detected capacity change from 0 to 40427 [ 27.312353][ T373] F2FS-fs (loop0): fault_injection options not supported [ 27.327392][ T374] loop1: detected capacity change from 0 to 40427 [ 27.341926][ T374] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 27.346833][ T371] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 27.349706][ T374] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 27.369526][ T366] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 27.376955][ T371] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 27.385206][ T373] F2FS-fs (loop0): fault_type options not supported [ 27.386695][ T366] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 27.395780][ T374] F2FS-fs (loop1): fault_injection options not supported [pid 374] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 366] <... mount resumed>) = 0 [pid 366] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [ 27.401045][ T371] F2FS-fs (loop4): fault_injection options not supported [ 27.408875][ T374] F2FS-fs (loop1): fault_type options not supported [ 27.424004][ T373] F2FS-fs (loop0): invalid crc value [ 27.424037][ T371] F2FS-fs (loop4): fault_type options not supported [ 27.430622][ T368] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 27.444308][ T374] F2FS-fs (loop1): invalid crc value [ 27.451232][ T371] F2FS-fs (loop4): invalid crc value [pid 366] chdir("./file4") = 0 [pid 366] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 366] ioctl(4, LOOP_CLR_FD [pid 368] <... mount resumed>) = 0 [pid 366] <... ioctl resumed>) = 0 [pid 368] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 366] close(4 [pid 368] <... openat resumed>) = 3 [pid 366] <... close resumed>) = 0 [pid 368] chdir("./file4" [pid 366] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 365] <... futex resumed>) = 0 [pid 368] <... chdir resumed>) = 0 [pid 365] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 366] fspick(AT_FDCWD, ".", 0 [pid 368] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 366] <... fspick resumed>) = 4 [pid 368] <... openat resumed>) = 4 [pid 366] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] ioctl(4, LOOP_CLR_FD [pid 366] <... futex resumed>) = 1 [pid 368] <... ioctl resumed>) = 0 [pid 365] <... futex resumed>) = 0 [pid 368] close(4 [pid 366] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 368] <... close resumed>) = 0 [pid 366] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 367] <... futex resumed>) = 0 [pid 366] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 367] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] fspick(AT_FDCWD, ".", 0 [pid 367] <... futex resumed>) = 0 [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... fspick resumed>) = 4 [pid 368] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 367] <... futex resumed>) = 0 [pid 367] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 367] <... futex resumed>) = 0 [ 27.452601][ T373] F2FS-fs (loop0): Found nat_bits in checkpoint [ 27.457658][ T368] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 27.472744][ T374] F2FS-fs (loop1): Found nat_bits in checkpoint [ 27.492746][ T366] F2FS-fs (loop3): switch discard_unit option is not allowed [ 27.500388][ T371] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 368] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 366] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 366] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 367] <... futex resumed>) = 0 [pid 366] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 367] <... futex resumed>) = 0 [pid 366] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 366] <... open resumed>) = 5 [pid 368] <... open resumed>) = 5 [pid 366] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 368] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 365] <... futex resumed>) = 0 [pid 365] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 368] <... futex resumed>) = 1 [pid 367] <... futex resumed>) = 0 [pid 366] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 365] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 367] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 366] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 367] <... futex resumed>) = 0 [pid 366] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 368] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 367] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 366] <... futex resumed>) = 1 [pid 365] <... futex resumed>) = 0 [pid 365] close(3) = 0 [pid 368] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 366] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 365] close(4) = 0 [pid 365] close(5 [pid 368] <... futex resumed>) = 1 [pid 367] <... futex resumed>) = 0 [pid 368] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 367] close(3 [pid 365] <... close resumed>) = 0 [pid 367] <... close resumed>) = 0 [pid 367] close(4 [pid 365] close(6 [pid 367] <... close resumed>) = 0 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(5) = 0 [pid 365] close(7 [pid 367] close(6 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(7 [pid 365] close(8 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(8 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(9 [pid 365] close(9 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(10 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(11 [pid 365] close(10 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(12 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(13) = -1 EBADF (Bad file descriptor) [pid 365] close(11 [pid 367] close(14) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(15) = -1 EBADF (Bad file descriptor) [pid 367] close(16 [pid 365] close(12 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(17 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(18 [pid 365] close(13 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(19 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(20 [pid 365] close(14 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(21 [pid 365] close(15 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(22 [pid 365] close(16 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(23 [pid 365] close(17 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(24 [pid 365] close(18 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(25 [pid 365] close(19 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(26 [pid 365] close(20) = -1 EBADF (Bad file descriptor) [pid 365] close(21) = -1 EBADF (Bad file descriptor) [pid 365] close(22) = -1 EBADF (Bad file descriptor) [pid 365] close(23) = -1 EBADF (Bad file descriptor) [pid 365] close(24) = -1 EBADF (Bad file descriptor) [pid 365] close(25) = -1 EBADF (Bad file descriptor) [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] close(26 [pid 367] close(27 [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] close(27 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(28 [pid 365] close(28 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] close(29 [pid 365] close(29 [pid 367] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 365] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 367] exit_group(0 [pid 365] exit_group(0 [pid 368] <... futex resumed>) = ? [pid 367] <... exit_group resumed>) = ? [pid 366] <... futex resumed>) = ? [pid 365] <... exit_group resumed>) = ? [pid 368] +++ exited with 0 +++ [pid 367] +++ exited with 0 +++ [pid 366] +++ exited with 0 +++ [pid 365] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=5, si_stime=26} --- [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... restart_syscall resumed>) = 0 [pid 374] <... mount resumed>) = 0 [pid 374] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [ 27.507674][ T368] F2FS-fs (loop2): switch discard_unit option is not allowed [ 27.508581][ T374] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 27.550747][ T374] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 293] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 374] <... openat resumed>) = 3 [pid 293] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 374] chdir("./file4" [pid 293] <... openat resumed>) = 3 [pid 374] <... chdir resumed>) = 0 [pid 374] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 374] <... openat resumed>) = 4 [pid 293] getdents64(3, [pid 374] ioctl(4, LOOP_CLR_FD [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 374] <... ioctl resumed>) = 0 [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 374] close(4) = 0 [pid 374] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 372] <... futex resumed>) = 0 [pid 374] fspick(AT_FDCWD, ".", 0 [pid 372] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 374] <... fspick resumed>) = 4 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 374] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 372] <... futex resumed>) = 0 [pid 372] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 374] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 373] <... mount resumed>) = 0 [pid 373] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 373] chdir("./file4") = 0 [pid 373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 373] ioctl(4, LOOP_CLR_FD) = 0 [pid 373] close(4 [pid 372] <... futex resumed>) = 0 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 374] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 374] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 372] <... futex resumed>) = 0 [pid 372] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 374] <... futex resumed>) = 1 [pid 374] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 374] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 372] <... futex resumed>) = 0 [pid 372] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 372] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 374] <... futex resumed>) = 1 [pid 374] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 374] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 372] <... futex resumed>) = 0 [pid 372] close(3) = 0 [pid 372] close(4) = 0 [pid 372] close(5) = 0 [pid 372] close(6) = -1 EBADF (Bad file descriptor) [pid 372] close(7) = -1 EBADF (Bad file descriptor) [pid 372] close(8) = -1 EBADF (Bad file descriptor) [pid 372] close(9) = -1 EBADF (Bad file descriptor) [pid 372] close(10) = -1 EBADF (Bad file descriptor) [pid 372] close(11) = -1 EBADF (Bad file descriptor) [pid 372] close(12) = -1 EBADF (Bad file descriptor) [pid 372] close(13) = -1 EBADF (Bad file descriptor) [pid 372] close(14) = -1 EBADF (Bad file descriptor) [pid 372] close(15) = -1 EBADF (Bad file descriptor) [pid 372] close(16) = -1 EBADF (Bad file descriptor) [pid 372] close(17) = -1 EBADF (Bad file descriptor) [pid 372] close(18) = -1 EBADF (Bad file descriptor) [pid 372] close(19) = -1 EBADF (Bad file descriptor) [pid 372] close(20) = -1 EBADF (Bad file descriptor) [pid 372] close(21) = -1 EBADF (Bad file descriptor) [pid 372] close(22) = -1 EBADF (Bad file descriptor) [pid 372] close(23) = -1 EBADF (Bad file descriptor) [pid 372] close(24) = -1 EBADF (Bad file descriptor) [pid 372] close(25) = -1 EBADF (Bad file descriptor) [pid 372] close(26) = -1 EBADF (Bad file descriptor) [pid 372] close(27) = -1 EBADF (Bad file descriptor) [pid 372] close(28) = -1 EBADF (Bad file descriptor) [pid 372] close(29) = -1 EBADF (Bad file descriptor) [pid 372] exit_group(0) = ? [pid 374] <... futex resumed>) = ? [pid 374] +++ exited with 0 +++ [pid 372] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 297] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 373] <... close resumed>) = 0 [pid 373] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 370] <... futex resumed>) = 0 [pid 370] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 27.564932][ T373] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 27.585948][ T373] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 27.595097][ T374] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 373] fspick(AT_FDCWD, ".", 0) = 4 [pid 373] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 370] <... futex resumed>) = 0 [pid 373] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 370] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 373] <... futex resumed>) = 0 [pid 370] <... futex resumed>) = 1 [pid 373] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 371] <... mount resumed>) = 0 [pid 371] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 371] chdir("./file4") = 0 [pid 371] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 371] ioctl(4, LOOP_CLR_FD) = 0 [pid 371] close(4) = 0 [pid 371] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 371] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] <... futex resumed>) = 0 [pid 369] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 371] <... futex resumed>) = 0 [pid 369] <... futex resumed>) = 1 [pid 371] fspick(AT_FDCWD, ".", 0 [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 371] <... fspick resumed>) = 4 [pid 371] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 371] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 369] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 373] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 373] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 370] <... futex resumed>) = 0 [pid 373] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 370] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 373] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 373] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 373] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 370] <... futex resumed>) = 0 [pid 370] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 373] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 370] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 373] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 373] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 370] <... futex resumed>) = 0 [pid 370] close(3) = 0 [pid 373] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 370] close(4) = 0 [pid 370] close(5) = 0 [pid 370] close(6) = -1 EBADF (Bad file descriptor) [pid 370] close(7) = -1 EBADF (Bad file descriptor) [pid 370] close(8) = -1 EBADF (Bad file descriptor) [pid 371] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 370] close(9) = -1 EBADF (Bad file descriptor) [pid 370] close(10) = -1 EBADF (Bad file descriptor) [pid 370] close(11) = -1 EBADF (Bad file descriptor) [pid 370] close(12) = -1 EBADF (Bad file descriptor) [pid 370] close(13) = -1 EBADF (Bad file descriptor) [pid 370] close(14) = -1 EBADF (Bad file descriptor) [pid 370] close(15) = -1 EBADF (Bad file descriptor) [pid 370] close(16) = -1 EBADF (Bad file descriptor) [pid 370] close(17) = -1 EBADF (Bad file descriptor) [pid 370] close(18) = -1 EBADF (Bad file descriptor) [pid 370] close(19) = -1 EBADF (Bad file descriptor) [pid 370] close(20) = -1 EBADF (Bad file descriptor) [pid 370] close(21) = -1 EBADF (Bad file descriptor) [pid 370] close(22) = -1 EBADF (Bad file descriptor) [pid 370] close(23) = -1 EBADF (Bad file descriptor) [pid 370] close(24) = -1 EBADF (Bad file descriptor) [pid 370] close(25) = -1 EBADF (Bad file descriptor) [pid 370] close(26) = -1 EBADF (Bad file descriptor) [pid 370] close(27) = -1 EBADF (Bad file descriptor) [pid 370] close(28) = -1 EBADF (Bad file descriptor) [pid 370] close(29) = -1 EBADF (Bad file descriptor) [pid 370] exit_group(0) = ? [pid 373] <... futex resumed>) = ? [pid 373] +++ exited with 0 +++ [pid 370] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 371] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 369] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 27.641184][ T371] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 27.648879][ T371] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 27.657413][ T373] F2FS-fs (loop0): switch discard_unit option is not allowed [ 27.671724][ T371] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 371] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 371] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 371] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 369] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 371] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 369] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 371] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 369] <... futex resumed>) = 0 [pid 369] close(3 [pid 371] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 369] <... close resumed>) = 0 [pid 369] close(4) = 0 [pid 369] close(5) = 0 [pid 369] close(6) = -1 EBADF (Bad file descriptor) [pid 369] close(7) = -1 EBADF (Bad file descriptor) [pid 369] close(8) = -1 EBADF (Bad file descriptor) [pid 369] close(9) = -1 EBADF (Bad file descriptor) [pid 369] close(10) = -1 EBADF (Bad file descriptor) [pid 369] close(11) = -1 EBADF (Bad file descriptor) [pid 369] close(12) = -1 EBADF (Bad file descriptor) [pid 369] close(13) = -1 EBADF (Bad file descriptor) [pid 369] close(14) = -1 EBADF (Bad file descriptor) [pid 369] close(15) = -1 EBADF (Bad file descriptor) [pid 369] close(16) = -1 EBADF (Bad file descriptor) [pid 369] close(17) = -1 EBADF (Bad file descriptor) [pid 369] close(18) = -1 EBADF (Bad file descriptor) [pid 369] close(19) = -1 EBADF (Bad file descriptor) [pid 369] close(20) = -1 EBADF (Bad file descriptor) [pid 369] close(21) = -1 EBADF (Bad file descriptor) [pid 369] close(22) = -1 EBADF (Bad file descriptor) [pid 369] close(23) = -1 EBADF (Bad file descriptor) [pid 369] close(24) = -1 EBADF (Bad file descriptor) [pid 369] close(25) = -1 EBADF (Bad file descriptor) [pid 369] close(26) = -1 EBADF (Bad file descriptor) [pid 369] close(27) = -1 EBADF (Bad file descriptor) [pid 369] close(28) = -1 EBADF (Bad file descriptor) [pid 369] close(29) = -1 EBADF (Bad file descriptor) [pid 369] exit_group(0 [pid 371] <... futex resumed>) = ? [pid 369] <... exit_group resumed>) = ? [pid 371] +++ exited with 0 +++ [pid 369] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./2/file4") = 0 [pid 298] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./2/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./2") = 0 [pid 298] mkdir("./3", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 8 [pid 293] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 396 attached [pid 396] set_robust_list(0x5555875796a0, 24) = 0 [pid 396] chdir("./3") = 0 [pid 396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 396] setpgid(0, 0) = 0 [pid 396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 396] write(3, "1000", 4) = 4 [pid 396] close(3) = 0 [pid 396] symlink("/dev/binderfs", "./binderfs") = 0 [pid 396] write(1, "executing program\n", 18executing program ) = 18 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 396] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 396] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 396] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 396] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 396] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[9]}, 88) = 9 [pid 396] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 396] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 397 attached [pid 397] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 397] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./2/file4") = 0 [pid 293] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 397] memfd_create("syzkaller", 0) = 3 [pid 397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./2/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./2") = 0 [pid 293] mkdir("./3", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 8 ./strace-static-x86_64: Process 398 attached [pid 398] set_robust_list(0x5555875796a0, 24) = 0 [pid 398] chdir("./3") = 0 [pid 398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 398] setpgid(0, 0) = 0 [pid 398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 398] write(3, "1000", 4) = 4 [pid 398] close(3) = 0 [pid 398] symlink("/dev/binderfs", "./binderfs") = 0 [pid 398] write(1, "executing program\n", 18executing program ) = 18 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 398] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 398] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 398] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[9]}, 88) = 9 [pid 398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 398] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 399 attached [pid 399] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 399] memfd_create("syzkaller", 0) = 3 [pid 399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./2/file4") = 0 [pid 297] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./2/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./2") = 0 [pid 297] mkdir("./3", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 294] <... umount2 resumed>) = 0 [pid 297] <... openat resumed>) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./2/file4", [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 8 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./2/file4") = 0 [pid 294] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./2/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./2") = 0 [pid 294] mkdir("./3", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 400 attached , child_tidptr=0x555587579690) = 8 [pid 400] set_robust_list(0x5555875796a0, 24) = 0 [pid 400] chdir("./3") = 0 [pid 400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 400] setpgid(0, 0) = 0 [pid 400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 400] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 401 attached [pid 401] set_robust_list(0x5555875796a0, 24 [pid 400] close(3 [pid 401] <... set_robust_list resumed>) = 0 [pid 401] chdir("./3" [pid 400] <... close resumed>) = 0 [pid 401] <... chdir resumed>) = 0 [pid 400] symlink("/dev/binderfs", "./binderfs" [pid 401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 400] <... symlink resumed>) = 0 executing program [pid 401] setpgid(0, 0 [pid 400] write(1, "executing program\n", 18 [pid 401] <... setpgid resumed>) = 0 [pid 400] <... write resumed>) = 18 [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 400] <... futex resumed>) = 0 [pid 400] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 401] <... openat resumed>) = 3 [pid 400] <... rt_sigaction resumed>NULL, 8) = 0 [pid 401] write(3, "1000", 4) = 4 [pid 400] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 401] close(3) = 0 [pid 400] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 401] symlink("/dev/binderfs", "./binderfs" [pid 400] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 401] <... symlink resumed>) = 0 executing program [pid 401] write(1, "executing program\n", 18 [pid 400] <... mmap resumed>) = 0x7fc71fb1c000 [pid 401] <... write resumed>) = 18 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 401] <... futex resumed>) = 0 [pid 401] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 400] <... mprotect resumed>) = 0 [pid 401] <... rt_sigaction resumed>NULL, 8) = 0 [pid 401] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 400] rt_sigprocmask(SIG_BLOCK, ~[], [pid 401] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 400] <... rt_sigprocmask resumed>[], 8) = 0 [pid 401] <... mmap resumed>) = 0x7fc71fb1c000 [pid 400] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 401] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 400] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9 [pid 401] rt_sigprocmask(SIG_BLOCK, ~[], [pid 400] rt_sigprocmask(SIG_SETMASK, [], [pid 401] <... rt_sigprocmask resumed>[], 8) = 0 [pid 401] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 400] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 400] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... clone3 resumed> => {parent_tid=[9]}, 88) = 9 [pid 400] <... futex resumed>) = 0 [pid 401] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 401] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 402 attached [pid 402] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 402] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 402] memfd_create("syzkaller", 0) = 3 [pid 402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 403 attached [pid 403] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 403] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 403] memfd_create("syzkaller", 0) = 3 [pid 403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./2/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./2/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./2/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./2/file4") = 0 [pid 299] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./2/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./2") = 0 [pid 299] mkdir("./3", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 8 ./strace-static-x86_64: Process 404 attached [pid 404] set_robust_list(0x5555875796a0, 24) = 0 [pid 404] chdir("./3") = 0 [pid 404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 404] setpgid(0, 0) = 0 [pid 404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 404] write(3, "1000", 4) = 4 [pid 404] close(3) = 0 [pid 404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 404] write(1, "executing program\n", 18executing program ) = 18 [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 404] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 404] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 404] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[9]}, 88) = 9 [pid 404] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 404] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 405 attached [pid 405] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 405] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 405] memfd_create("syzkaller", 0) = 3 [pid 405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 397] <... write resumed>) = 20699119 [pid 397] munmap(0x7fc71771c000, 138412032) = 0 [pid 397] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 397] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 397] close(3) = 0 [pid 397] close(4) = 0 [pid 397] mkdir("./file4", 0777) = 0 [ 28.272518][ T397] loop3: detected capacity change from 0 to 40427 [ 28.311948][ T397] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 397] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 402] <... write resumed>) = 20699119 [pid 399] <... write resumed>) = 20699119 [pid 402] munmap(0x7fc71771c000, 138412032 [pid 399] munmap(0x7fc71771c000, 138412032) = 0 [pid 402] <... munmap resumed>) = 0 [pid 402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 28.319391][ T397] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 402] ioctl(4, LOOP_SET_FD, 3 [pid 403] <... write resumed>) = 20699119 [pid 403] munmap(0x7fc71771c000, 138412032) = 0 [pid 403] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 403] ioctl(4, LOOP_SET_FD, 3 [pid 399] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 399] ioctl(4, LOOP_SET_FD, 3 [pid 402] <... ioctl resumed>) = 0 [pid 402] close(3) = 0 [pid 402] close(4) = 0 [pid 402] mkdir("./file4", 0777) = 0 [pid 402] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 399] <... ioctl resumed>) = 0 [pid 399] close(3) = 0 [pid 399] close(4) = 0 [pid 399] mkdir("./file4", 0777) = 0 [ 28.363054][ T397] F2FS-fs (loop3): fault_injection options not supported [ 28.363803][ T402] loop1: detected capacity change from 0 to 40427 [ 28.380127][ T403] loop0: detected capacity change from 0 to 40427 [ 28.380806][ T399] loop2: detected capacity change from 0 to 40427 [ 28.388266][ T397] F2FS-fs (loop3): fault_type options not supported [ 28.405644][ T402] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [pid 399] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 403] <... ioctl resumed>) = 0 [pid 403] close(3) = 0 [pid 403] close(4) = 0 [pid 403] mkdir("./file4", 0777) = 0 [pid 403] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 405] <... write resumed>) = 20699119 [ 28.417026][ T399] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 28.428313][ T403] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 28.428797][ T402] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 28.436789][ T403] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 28.445869][ T399] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 405] munmap(0x7fc71771c000, 138412032) = 0 [pid 405] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 405] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 405] close(3) = 0 [pid 405] close(4) = 0 [pid 405] mkdir("./file4", 0777) = 0 [ 28.455500][ T403] F2FS-fs (loop0): fault_injection options not supported [ 28.463248][ T402] F2FS-fs (loop1): fault_injection options not supported [ 28.477455][ T397] F2FS-fs (loop3): invalid crc value [ 28.483586][ T405] loop4: detected capacity change from 0 to 40427 [ 28.487227][ T399] F2FS-fs (loop2): fault_injection options not supported [ 28.498340][ T399] F2FS-fs (loop2): fault_type options not supported [ 28.505635][ T402] F2FS-fs (loop1): fault_type options not supported [ 28.505695][ T403] F2FS-fs (loop0): fault_type options not supported [ 28.524211][ T402] F2FS-fs (loop1): invalid crc value [ 28.529752][ T399] F2FS-fs (loop2): invalid crc value [ 28.536136][ T397] F2FS-fs (loop3): Found nat_bits in checkpoint [ 28.536291][ T405] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 28.554154][ T403] F2FS-fs (loop0): invalid crc value [ 28.556428][ T405] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 28.572227][ T405] F2FS-fs (loop4): fault_injection options not supported [ 28.572279][ T399] F2FS-fs (loop2): Found nat_bits in checkpoint [ 28.579649][ T405] F2FS-fs (loop4): fault_type options not supported [ 28.594027][ T402] F2FS-fs (loop1): Found nat_bits in checkpoint [ 28.602245][ T403] F2FS-fs (loop0): Found nat_bits in checkpoint [ 28.610766][ T405] F2FS-fs (loop4): invalid crc value [pid 405] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 397] <... mount resumed>) = 0 [pid 397] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 397] chdir("./file4") = 0 [pid 397] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 397] ioctl(4, LOOP_CLR_FD) = 0 [pid 397] close(4) = 0 [pid 397] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] fspick(AT_FDCWD, ".", 0) = 4 [pid 397] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 397] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 397] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 396] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 396] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 397] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 397] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 396] <... futex resumed>) = 0 [pid 396] close(3) = 0 [pid 396] close(4 [pid 397] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 396] <... close resumed>) = 0 [pid 396] close(5) = 0 [pid 396] close(6) = -1 EBADF (Bad file descriptor) [ 28.616682][ T397] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 28.630356][ T397] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 28.638823][ T405] F2FS-fs (loop4): Found nat_bits in checkpoint [ 28.660455][ T397] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 396] close(7) = -1 EBADF (Bad file descriptor) [pid 396] close(8 [pid 402] <... mount resumed>) = 0 [pid 402] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 402] chdir("./file4") = 0 [pid 402] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 402] ioctl(4, LOOP_CLR_FD) = 0 [pid 402] close(4) = 0 [pid 402] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 400] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... futex resumed>) = 1 [pid 402] fspick(AT_FDCWD, ".", 0) = 4 [pid 402] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 400] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 402] <... futex resumed>) = 1 [pid 402] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 396] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 396] close(9) = -1 EBADF (Bad file descriptor) [pid 396] close(10) = -1 EBADF (Bad file descriptor) [pid 396] close(11) = -1 EBADF (Bad file descriptor) [pid 396] close(12) = -1 EBADF (Bad file descriptor) [pid 396] close(13) = -1 EBADF (Bad file descriptor) [pid 396] close(14) = -1 EBADF (Bad file descriptor) [pid 396] close(15) = -1 EBADF (Bad file descriptor) [pid 396] close(16) = -1 EBADF (Bad file descriptor) [pid 396] close(17) = -1 EBADF (Bad file descriptor) [pid 396] close(18) = -1 EBADF (Bad file descriptor) [pid 396] close(19) = -1 EBADF (Bad file descriptor) [pid 396] close(20) = -1 EBADF (Bad file descriptor) [pid 396] close(21) = -1 EBADF (Bad file descriptor) [pid 396] close(22) = -1 EBADF (Bad file descriptor) [pid 396] close(23) = -1 EBADF (Bad file descriptor) [pid 396] close(24) = -1 EBADF (Bad file descriptor) [pid 396] close(25) = -1 EBADF (Bad file descriptor) [pid 396] close(26) = -1 EBADF (Bad file descriptor) [pid 396] close(27) = -1 EBADF (Bad file descriptor) [pid 396] close(28) = -1 EBADF (Bad file descriptor) [pid 396] close(29) = -1 EBADF (Bad file descriptor) [pid 396] exit_group(0 [pid 397] <... futex resumed>) = ? [pid 396] <... exit_group resumed>) = ? [pid 397] +++ exited with 0 +++ [pid 402] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 400] <... futex resumed>) = 0 [pid 396] +++ exited with 0 +++ [pid 400] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=6, si_stime=16} --- [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 28.678185][ T402] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 28.687044][ T399] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 28.687538][ T402] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 28.702473][ T399] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 28.709288][ T402] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 402] <... futex resumed>) = 1 [pid 399] <... mount resumed>) = 0 [pid 399] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 402] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 399] <... openat resumed>) = 3 [pid 402] <... open resumed>) = 5 [pid 399] chdir("./file4") = 0 [pid 399] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 399] ioctl(4, LOOP_CLR_FD) = 0 [pid 399] close(4) = 0 [pid 399] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 399] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 402] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] <... futex resumed>) = 0 [pid 400] <... futex resumed>) = 0 [pid 398] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... restart_syscall resumed>) = 0 [pid 398] <... futex resumed>) = 1 [pid 400] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 400] <... futex resumed>) = 1 [pid 400] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 399] <... futex resumed>) = 0 [pid 399] fspick(AT_FDCWD, ".", 0) = 4 [pid 399] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 399] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 402] <... futex resumed>) = 0 [pid 402] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 402] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 402] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 400] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = 0 [pid 400] close(3 [pid 398] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] <... mount resumed>) = 0 [pid 403] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 400] <... close resumed>) = 0 [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = 1 [pid 399] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 400] close(4 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 403] <... openat resumed>) = 3 [pid 403] chdir("./file4") = 0 [pid 403] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 400] <... close resumed>) = 0 [pid 403] <... openat resumed>) = 4 [pid 400] close(5 [pid 399] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 400] <... close resumed>) = 0 [pid 400] close(6) = -1 EBADF (Bad file descriptor) [pid 400] close(7) = -1 EBADF (Bad file descriptor) [pid 400] close(8) = -1 EBADF (Bad file descriptor) [pid 400] close(9) = -1 EBADF (Bad file descriptor) [pid 400] close(10) = -1 EBADF (Bad file descriptor) [pid 400] close(11) = -1 EBADF (Bad file descriptor) [pid 400] close(12) = -1 EBADF (Bad file descriptor) [pid 400] close(13) = -1 EBADF (Bad file descriptor) [pid 400] close(14) = -1 EBADF (Bad file descriptor) [pid 400] close(15) = -1 EBADF (Bad file descriptor) [pid 400] close(16) = -1 EBADF (Bad file descriptor) [pid 400] close(17) = -1 EBADF (Bad file descriptor) [pid 400] close(18) = -1 EBADF (Bad file descriptor) [pid 400] close(19) = -1 EBADF (Bad file descriptor) [pid 400] close(20) = -1 EBADF (Bad file descriptor) [pid 400] close(21) = -1 EBADF (Bad file descriptor) [pid 400] close(22) = -1 EBADF (Bad file descriptor) [pid 400] close(23) = -1 EBADF (Bad file descriptor) [ 28.726375][ T403] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 28.740259][ T403] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 28.754744][ T399] F2FS-fs (loop2): switch discard_unit option is not allowed [ 28.765840][ T405] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 400] close(24) = -1 EBADF (Bad file descriptor) [pid 400] close(25) = -1 EBADF (Bad file descriptor) [pid 400] close(26) = -1 EBADF (Bad file descriptor) [pid 400] close(27) = -1 EBADF (Bad file descriptor) [pid 400] close(28) = -1 EBADF (Bad file descriptor) [pid 400] close(29) = -1 EBADF (Bad file descriptor) [pid 400] exit_group(0 [pid 402] <... futex resumed>) = ? [pid 400] <... exit_group resumed>) = ? [pid 402] +++ exited with 0 +++ [pid 400] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=7, si_stime=21} --- [pid 405] <... mount resumed>) = 0 [pid 403] ioctl(4, LOOP_CLR_FD [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 399] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 405] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 403] <... ioctl resumed>) = 0 [pid 399] <... futex resumed>) = 1 [pid 398] <... futex resumed>) = 0 [pid 398] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 405] <... openat resumed>) = 3 [pid 405] chdir("./file4") = 0 [pid 405] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 403] close(4 [pid 399] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 403] <... close resumed>) = 0 [pid 405] <... openat resumed>) = 4 [pid 405] ioctl(4, LOOP_CLR_FD) = 0 [pid 405] close(4) = 0 [pid 405] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... open resumed>) = 5 [pid 405] <... futex resumed>) = 1 [pid 404] <... futex resumed>) = 0 [pid 403] <... futex resumed>) = 1 [pid 401] <... futex resumed>) = 0 [pid 399] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 405] fspick(AT_FDCWD, ".", 0 [pid 404] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = 1 [pid 398] <... futex resumed>) = 0 [pid 405] <... fspick resumed>) = 4 [pid 404] <... futex resumed>) = 0 [pid 403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 399] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 398] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 405] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 403] fspick(AT_FDCWD, ".", 0 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 399] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 398] <... futex resumed>) = 0 [pid 405] <... futex resumed>) = 0 [pid 404] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 403] <... fspick resumed>) = 4 [pid 399] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [ 28.774037][ T405] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 398] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 405] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 404] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 399] <... futex resumed>) = 0 [pid 398] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 404] <... futex resumed>) = 0 [pid 403] <... futex resumed>) = 1 [pid 401] <... futex resumed>) = 0 [pid 399] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 398] close(3 [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 403] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 398] <... close resumed>) = 0 [pid 403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 398] close(4 [pid 403] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 398] <... close resumed>) = 0 [pid 398] close(5) = 0 [pid 398] close(6) = -1 EBADF (Bad file descriptor) [pid 398] close(7) = -1 EBADF (Bad file descriptor) [pid 398] close(8) = -1 EBADF (Bad file descriptor) [pid 398] close(9) = -1 EBADF (Bad file descriptor) [pid 398] close(10) = -1 EBADF (Bad file descriptor) [pid 398] close(11) = -1 EBADF (Bad file descriptor) [pid 398] close(12) = -1 EBADF (Bad file descriptor) [pid 398] close(13) = -1 EBADF (Bad file descriptor) [pid 398] close(14) = -1 EBADF (Bad file descriptor) [pid 398] close(15) = -1 EBADF (Bad file descriptor) [pid 398] close(16) = -1 EBADF (Bad file descriptor) [pid 398] close(17) = -1 EBADF (Bad file descriptor) [pid 398] close(18) = -1 EBADF (Bad file descriptor) [pid 398] close(19) = -1 EBADF (Bad file descriptor) [pid 398] close(20) = -1 EBADF (Bad file descriptor) [pid 398] close(21) = -1 EBADF (Bad file descriptor) [pid 398] close(22) = -1 EBADF (Bad file descriptor) [pid 398] close(23) = -1 EBADF (Bad file descriptor) [pid 398] close(24) = -1 EBADF (Bad file descriptor) [pid 398] close(25) = -1 EBADF (Bad file descriptor) [pid 398] close(26) = -1 EBADF (Bad file descriptor) [pid 398] close(27) = -1 EBADF (Bad file descriptor) [pid 398] close(28) = -1 EBADF (Bad file descriptor) [pid 398] close(29) = -1 EBADF (Bad file descriptor) [pid 398] exit_group(0) = ? [pid 399] <... futex resumed>) = ? [pid 399] +++ exited with 0 +++ [pid 398] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=6, si_stime=23} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 403] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 403] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 403] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 401] <... futex resumed>) = 0 [pid 403] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 405] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 405] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] <... open resumed>) = 5 [pid 403] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 403] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 401] <... futex resumed>) = 0 [pid 401] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 403] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 403] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 401] <... futex resumed>) = 0 [pid 403] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 401] close(3) = 0 [pid 401] close(4 [pid 404] <... futex resumed>) = 0 [pid 401] <... close resumed>) = 0 [pid 404] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] close(5 [pid 404] <... futex resumed>) = 0 [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 401] <... close resumed>) = 0 [pid 401] close(6) = -1 EBADF (Bad file descriptor) [pid 401] close(7) = -1 EBADF (Bad file descriptor) [pid 401] close(8) = -1 EBADF (Bad file descriptor) [pid 401] close(9) = -1 EBADF (Bad file descriptor) [pid 401] close(10) = -1 EBADF (Bad file descriptor) [pid 401] close(11) = -1 EBADF (Bad file descriptor) [pid 401] close(12) = -1 EBADF (Bad file descriptor) [pid 401] close(13) = -1 EBADF (Bad file descriptor) [pid 401] close(14) = -1 EBADF (Bad file descriptor) [pid 401] close(15) = -1 EBADF (Bad file descriptor) [pid 401] close(16) = -1 EBADF (Bad file descriptor) [pid 405] <... futex resumed>) = 1 [pid 405] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 405] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 404] <... futex resumed>) = 0 [pid 293] <... restart_syscall resumed>) = 0 [pid 404] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] close(17 [pid 404] <... futex resumed>) = 0 [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 404] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 405] <... futex resumed>) = 1 [pid 401] close(18) = -1 EBADF (Bad file descriptor) [pid 293] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 401] close(19 [pid 405] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 401] close(20 [pid 293] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 401] close(21 [pid 293] <... openat resumed>) = 3 [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] newfstatat(3, "", [pid 401] close(22 [pid 405] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 401] close(23 [pid 293] getdents64(3, [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 401] close(24 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 401] close(25) = -1 EBADF (Bad file descriptor) [pid 401] close(26 [pid 405] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 405] <... futex resumed>) = 1 [pid 404] <... futex resumed>) = 0 [pid 401] close(27 [pid 404] close(3 [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 405] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 404] <... close resumed>) = 0 [pid 401] close(28 [pid 404] close(4) = 0 [pid 404] close(5) = 0 [pid 404] close(6) = -1 EBADF (Bad file descriptor) [pid 404] close(7) = -1 EBADF (Bad file descriptor) [pid 404] close(8) = -1 EBADF (Bad file descriptor) [pid 404] close(9) = -1 EBADF (Bad file descriptor) [pid 404] close(10) = -1 EBADF (Bad file descriptor) [pid 404] close(11) = -1 EBADF (Bad file descriptor) [pid 404] close(12) = -1 EBADF (Bad file descriptor) [pid 404] close(13) = -1 EBADF (Bad file descriptor) [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 404] close(14) = -1 EBADF (Bad file descriptor) [pid 404] close(15) = -1 EBADF (Bad file descriptor) [pid 404] close(16) = -1 EBADF (Bad file descriptor) [pid 404] close(17) = -1 EBADF (Bad file descriptor) [pid 404] close(18) = -1 EBADF (Bad file descriptor) [pid 404] close(19) = -1 EBADF (Bad file descriptor) [pid 404] close(20) = -1 EBADF (Bad file descriptor) [pid 404] close(21 [pid 401] close(29 [pid 404] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 404] close(22) = -1 EBADF (Bad file descriptor) [pid 404] close(23) = -1 EBADF (Bad file descriptor) [pid 404] close(24) = -1 EBADF (Bad file descriptor) [pid 404] close(25) = -1 EBADF (Bad file descriptor) [pid 404] close(26) = -1 EBADF (Bad file descriptor) [pid 404] close(27) = -1 EBADF (Bad file descriptor) [pid 401] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 404] close(28) = -1 EBADF (Bad file descriptor) [pid 404] close(29) = -1 EBADF (Bad file descriptor) [pid 404] exit_group(0) = ? [ 28.811294][ T405] F2FS-fs (loop4): switch discard_unit option is not allowed [ 28.822810][ T403] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 405] <... futex resumed>) = ? [pid 401] exit_group(0 [pid 405] +++ exited with 0 +++ [pid 404] +++ exited with 0 +++ [pid 401] <... exit_group resumed>) = ? [pid 403] <... futex resumed>) = ? [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=5, si_stime=19} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 403] +++ exited with 0 +++ [pid 401] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=8, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 299] <... restart_syscall resumed>) = 0 [pid 294] <... restart_syscall resumed>) = 0 [pid 299] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 299] <... openat resumed>) = 3 [pid 294] <... openat resumed>) = 3 [pid 299] newfstatat(3, "", [pid 294] newfstatat(3, "", [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, [pid 294] getdents64(3, [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./3/file4") = 0 [pid 298] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./3/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./3") = 0 [pid 298] mkdir("./4", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 10 ./strace-static-x86_64: Process 426 attached [pid 426] set_robust_list(0x5555875796a0, 24) = 0 [pid 426] chdir("./4") = 0 [pid 426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 426] setpgid(0, 0) = 0 [pid 426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 426] write(3, "1000", 4) = 4 [pid 426] close(3) = 0 [pid 426] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 426] write(1, "executing program\n", 18) = 18 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 426] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 426] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 426] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 426] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 426] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[11]}, 88) = 11 [pid 426] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 426] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 427 attached [pid 427] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 427] memfd_create("syzkaller", 0) = 3 [pid 427] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, [pid 299] <... umount2 resumed>) = 0 [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] getdents64(4, [pid 299] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./3/file4") = 0 [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./3/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./3") = 0 [pid 297] close(4 [pid 299] mkdir("./4", 0777 [pid 297] <... close resumed>) = 0 [pid 299] <... mkdir resumed>) = 0 [pid 297] rmdir("./3/file4" [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD [pid 297] <... rmdir resumed>) = 0 [pid 299] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 299] close(3 [pid 297] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] <... close resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] unlink("./3/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3 [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 10 [pid 297] <... close resumed>) = 0 [pid 297] rmdir("./3") = 0 [pid 297] mkdir("./4", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 10 ./strace-static-x86_64: Process 428 attached [pid 428] set_robust_list(0x5555875796a0, 24) = 0 [pid 428] chdir("./4") = 0 [pid 428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 428] setpgid(0, 0) = 0 [pid 428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 428] write(3, "1000", 4) = 4 [pid 428] close(3) = 0 [pid 428] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 428] write(1, "executing program\n", 18) = 18 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 428] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 428] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 428] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 428] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 428] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[11]}, 88) = 11 [pid 428] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 428] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 430 attached [pid 430] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 430] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 430] memfd_create("syzkaller", 0) = 3 [pid 430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 429 attached [pid 429] set_robust_list(0x5555875796a0, 24 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 429] <... set_robust_list resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 429] chdir("./4" [pid 293] newfstatat(AT_FDCWD, "./3/file4", [pid 429] <... chdir resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 429] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 293] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 429] setpgid(0, 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 429] <... setpgid resumed>) = 0 [pid 293] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 429] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 293] <... openat resumed>) = 4 [pid 429] <... openat resumed>) = 3 [pid 293] newfstatat(4, "", [pid 429] write(3, "1000", 4) = 4 [pid 429] close(3 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 429] <... close resumed>) = 0 [pid 293] getdents64(4, [pid 429] symlink("/dev/binderfs", "./binderfs") = 0 [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 429] write(1, "executing program\n", 18 [pid 293] getdents64(4, executing program [pid 429] <... write resumed>) = 18 [pid 293] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] close(4 [pid 429] <... futex resumed>) = 0 [pid 293] <... close resumed>) = 0 [pid 429] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 293] rmdir("./3/file4" [pid 429] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 293] <... rmdir resumed>) = 0 [pid 429] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 429] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 293] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 429] <... mmap resumed>) = 0x7fc71fb1c000 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 429] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 293] newfstatat(AT_FDCWD, "./3/binderfs", [pid 429] rt_sigprocmask(SIG_BLOCK, ~[], [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 429] <... rt_sigprocmask resumed>[], 8) = 0 [pid 293] unlink("./3/binderfs" [pid 429] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 293] <... unlink resumed>) = 0 [pid 429] <... clone3 resumed> => {parent_tid=[11]}, 88) = 11 [pid 429] rt_sigprocmask(SIG_SETMASK, [], [pid 293] getdents64(3, [pid 429] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 429] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 429] <... futex resumed>) = 0 [pid 293] close(3 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 293] <... close resumed>) = 0 [pid 293] rmdir("./3") = 0 [pid 293] mkdir("./4", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 ./strace-static-x86_64: Process 431 attached [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 10 [pid 431] set_robust_list(0x7fc71fb3c9a0, 24 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 431] <... set_robust_list resumed>) = 0 [pid 294] newfstatat(AT_FDCWD, "./3/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./3/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./3/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 431] rt_sigprocmask(SIG_SETMASK, [], [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 431] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 294] rmdir("./3/file4") = 0 [pid 294] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./3/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 431] memfd_create("syzkaller", 0 [pid 294] rmdir("./3") = 0 [pid 294] mkdir("./4", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3 [pid 431] <... memfd_create resumed>) = 3 [pid 431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 294] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 10 ./strace-static-x86_64: Process 432 attached [pid 432] set_robust_list(0x5555875796a0, 24) = 0 [pid 432] chdir("./4") = 0 [pid 432] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 432] setpgid(0, 0) = 0 [pid 432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 432] write(3, "1000", 4) = 4 [pid 432] close(3) = 0 [pid 432] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 432] write(1, "executing program\n", 18) = 18 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 432] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 432] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 432] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 432] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 432] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[11]}, 88) = 11 [pid 432] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 432] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 434 attached [pid 434] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 434] memfd_create("syzkaller", 0) = 3 [pid 434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 433 attached [pid 433] set_robust_list(0x5555875796a0, 24) = 0 [pid 433] chdir("./4") = 0 [pid 433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 433] setpgid(0, 0) = 0 [pid 433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 433] write(3, "1000", 4) = 4 [pid 433] close(3) = 0 [pid 433] symlink("/dev/binderfs", "./binderfs") = 0 [pid 433] write(1, "executing program\n", 18executing program ) = 18 [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 433] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 433] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 433] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 433] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 433] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[11]}, 88) = 11 [pid 433] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 433] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 435 attached [pid 435] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 435] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 435] memfd_create("syzkaller", 0) = 3 [pid 435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 427] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 427] <... write resumed>) = 20699119 [pid 431] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 427] munmap(0x7fc71771c000, 138412032) = 0 [pid 427] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 427] ioctl(4, LOOP_SET_FD, 3 [pid 434] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 427] <... ioctl resumed>) = 0 [pid 427] close(3) = 0 [pid 427] close(4) = 0 [pid 427] mkdir("./file4", 0777) = 0 [ 29.370684][ T427] loop3: detected capacity change from 0 to 40427 [ 29.393433][ T427] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 29.411424][ T427] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 29.419971][ T427] F2FS-fs (loop3): fault_injection options not supported [ 29.450366][ T427] F2FS-fs (loop3): fault_type options not supported [pid 427] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 430] <... write resumed>) = 20699119 [pid 430] munmap(0x7fc71771c000, 138412032) = 0 [pid 430] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 29.467769][ T427] F2FS-fs (loop3): invalid crc value [pid 430] ioctl(4, LOOP_SET_FD, 3 [pid 431] <... write resumed>) = 20699119 [pid 431] munmap(0x7fc71771c000, 138412032) = 0 [pid 431] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 431] ioctl(4, LOOP_SET_FD, 3 [pid 430] <... ioctl resumed>) = 0 [pid 430] close(3) = 0 [pid 430] close(4) = 0 [pid 430] mkdir("./file4", 0777) = 0 [pid 430] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 431] <... ioctl resumed>) = 0 [pid 431] close(3) = 0 [pid 431] close(4) = 0 [pid 431] mkdir("./file4", 0777) = 0 [ 29.510144][ T430] loop4: detected capacity change from 0 to 40427 [ 29.520187][ T427] F2FS-fs (loop3): Found nat_bits in checkpoint [ 29.537985][ T431] loop1: detected capacity change from 0 to 40427 [ 29.549613][ T430] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 431] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 434] <... write resumed>) = 20699119 [pid 434] munmap(0x7fc71771c000, 138412032) = 0 [pid 434] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 434] ioctl(4, LOOP_SET_FD, 3) = 0 [ 29.562356][ T431] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 29.582717][ T434] loop2: detected capacity change from 0 to 40427 [ 29.589480][ T431] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 29.591846][ T430] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 434] close(3) = 0 [pid 434] close(4) = 0 [pid 434] mkdir("./file4", 0777) = 0 [pid 434] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 435] <... write resumed>) = 20699119 [pid 435] munmap(0x7fc71771c000, 138412032) = 0 [pid 435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 29.607609][ T431] F2FS-fs (loop1): fault_injection options not supported [ 29.615243][ T434] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 29.619868][ T431] F2FS-fs (loop1): fault_type options not supported [ 29.624715][ T434] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 29.630234][ T431] F2FS-fs (loop1): invalid crc value [ 29.646091][ T430] F2FS-fs (loop4): fault_injection options not supported [ 29.646171][ T435] loop0: detected capacity change from 0 to 40427 [pid 435] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 435] close(3) = 0 [pid 435] close(4) = 0 [pid 435] mkdir("./file4", 0777) = 0 [ 29.653543][ T430] F2FS-fs (loop4): fault_type options not supported [ 29.668244][ T435] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 29.670611][ T434] F2FS-fs (loop2): fault_injection options not supported [ 29.675972][ T427] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 29.683390][ T434] F2FS-fs (loop2): fault_type options not supported [ 29.694677][ T435] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 435] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 427] <... mount resumed>) = 0 [pid 427] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 427] chdir("./file4") = 0 [pid 427] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 427] ioctl(4, LOOP_CLR_FD) = 0 [pid 427] close(4) = 0 [pid 427] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] <... futex resumed>) = 0 [pid 427] fspick(AT_FDCWD, ".", 0 [pid 426] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... fspick resumed>) = 4 [pid 426] <... futex resumed>) = 0 [pid 427] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 427] <... futex resumed>) = 0 [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 427] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 426] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 427] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 427] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 426] <... futex resumed>) = 0 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 427] <... open resumed>) = 5 [pid 427] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 426] <... futex resumed>) = 0 [pid 427] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 426] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 427] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 426] <... futex resumed>) = 0 [ 29.700938][ T427] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 29.707012][ T435] F2FS-fs (loop0): fault_injection options not supported [ 29.714745][ T430] F2FS-fs (loop4): invalid crc value [ 29.721524][ T435] F2FS-fs (loop0): fault_type options not supported [ 29.726595][ T434] F2FS-fs (loop2): invalid crc value [ 29.735083][ T435] F2FS-fs (loop0): invalid crc value [ 29.744388][ T431] F2FS-fs (loop1): Found nat_bits in checkpoint [ 29.754141][ T427] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 427] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 426] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 427] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 426] close(3) = 0 [pid 426] close(4) = 0 [pid 426] close(5) = 0 [pid 426] close(6) = -1 EBADF (Bad file descriptor) [pid 426] close(7) = -1 EBADF (Bad file descriptor) [pid 426] close(8) = -1 EBADF (Bad file descriptor) [pid 426] close(9) = -1 EBADF (Bad file descriptor) [pid 426] close(10) = -1 EBADF (Bad file descriptor) [pid 426] close(11) = -1 EBADF (Bad file descriptor) [pid 426] close(12) = -1 EBADF (Bad file descriptor) [pid 426] close(13) = -1 EBADF (Bad file descriptor) [pid 426] close(14) = -1 EBADF (Bad file descriptor) [pid 426] close(15) = -1 EBADF (Bad file descriptor) [pid 426] close(16) = -1 EBADF (Bad file descriptor) [pid 426] close(17) = -1 EBADF (Bad file descriptor) [pid 426] close(18) = -1 EBADF (Bad file descriptor) [pid 426] close(19) = -1 EBADF (Bad file descriptor) [pid 426] close(20) = -1 EBADF (Bad file descriptor) [pid 426] close(21) = -1 EBADF (Bad file descriptor) [pid 426] close(22) = -1 EBADF (Bad file descriptor) [pid 426] close(23) = -1 EBADF (Bad file descriptor) [pid 426] close(24) = -1 EBADF (Bad file descriptor) [pid 426] close(25) = -1 EBADF (Bad file descriptor) [pid 426] close(26) = -1 EBADF (Bad file descriptor) [pid 426] close(27) = -1 EBADF (Bad file descriptor) [pid 426] close(28) = -1 EBADF (Bad file descriptor) [pid 426] close(29) = -1 EBADF (Bad file descriptor) [pid 426] exit_group(0 [pid 427] <... futex resumed>) = ? [pid 426] <... exit_group resumed>) = ? [pid 427] +++ exited with 0 +++ [pid 426] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 29.769508][ T430] F2FS-fs (loop4): Found nat_bits in checkpoint [ 29.777175][ T435] F2FS-fs (loop0): Found nat_bits in checkpoint [ 29.785067][ T434] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 298] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 431] <... mount resumed>) = 0 [pid 431] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 431] chdir("./file4") = 0 [pid 431] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 431] ioctl(4, LOOP_CLR_FD) = 0 [pid 431] close(4) = 0 [pid 431] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 431] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 431] <... futex resumed>) = 0 [pid 429] <... futex resumed>) = 1 [pid 431] fspick(AT_FDCWD, ".", 0) = 4 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 431] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 431] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 429] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 431] <... futex resumed>) = 0 [pid 429] <... futex resumed>) = 1 [pid 431] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 431] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 431] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 431] <... futex resumed>) = 1 [ 29.831972][ T431] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 29.850376][ T431] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 29.873206][ T431] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 431] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 431] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 429] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 431] <... futex resumed>) = 1 [pid 431] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 431] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 429] <... futex resumed>) = 0 [pid 429] close(3) = 0 [pid 429] close(4) = 0 [pid 429] close(5) = 0 [pid 429] close(6) = -1 EBADF (Bad file descriptor) [pid 429] close(7) = -1 EBADF (Bad file descriptor) [pid 429] close(8) = -1 EBADF (Bad file descriptor) [pid 429] close(9) = -1 EBADF (Bad file descriptor) [pid 429] close(10) = -1 EBADF (Bad file descriptor) [pid 429] close(11) = -1 EBADF (Bad file descriptor) [pid 429] close(12) = -1 EBADF (Bad file descriptor) [pid 429] close(13) = -1 EBADF (Bad file descriptor) [pid 429] close(14) = -1 EBADF (Bad file descriptor) [pid 429] close(15) = -1 EBADF (Bad file descriptor) [pid 429] close(16) = -1 EBADF (Bad file descriptor) [pid 429] close(17) = -1 EBADF (Bad file descriptor) [pid 429] close(18) = -1 EBADF (Bad file descriptor) [pid 429] close(19) = -1 EBADF (Bad file descriptor) [pid 429] close(20) = -1 EBADF (Bad file descriptor) [pid 429] close(21) = -1 EBADF (Bad file descriptor) [pid 429] close(22) = -1 EBADF (Bad file descriptor) [pid 429] close(23) = -1 EBADF (Bad file descriptor) [pid 429] close(24) = -1 EBADF (Bad file descriptor) [pid 429] close(25) = -1 EBADF (Bad file descriptor) [pid 429] close(26) = -1 EBADF (Bad file descriptor) [pid 429] close(27) = -1 EBADF (Bad file descriptor) [pid 429] close(28) = -1 EBADF (Bad file descriptor) [pid 429] close(29) = -1 EBADF (Bad file descriptor) [pid 429] exit_group(0) = ? [pid 431] <... futex resumed>) = ? [pid 431] +++ exited with 0 +++ [pid 429] +++ exited with 0 +++ [pid 435] <... mount resumed>) = 0 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 297] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 435] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 435] chdir("./file4") = 0 [pid 435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 435] ioctl(4, LOOP_CLR_FD) = 0 [pid 435] close(4) = 0 [pid 435] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 435] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] <... futex resumed>) = 0 [pid 433] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = 0 [pid 433] <... futex resumed>) = 1 [pid 435] fspick(AT_FDCWD, ".", 0) = 4 [pid 435] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 435] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 430] <... mount resumed>) = 0 [pid 430] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 430] chdir("./file4") = 0 [pid 430] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 430] ioctl(4, LOOP_CLR_FD) = 0 [pid 430] close(4) = 0 [pid 430] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 428] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] fspick(AT_FDCWD, ".", 0) = 4 [pid 430] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 428] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 433] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 435] <... futex resumed>) = 0 [pid 433] <... futex resumed>) = 1 [ 29.893237][ T435] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 29.906857][ T435] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 29.908040][ T430] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 29.923855][ T430] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 29.934622][ T430] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 435] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 430] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 428] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 435] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 435] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 430] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 428] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 433] <... futex resumed>) = 0 [pid 428] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 430] <... futex resumed>) = 1 [pid 430] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 430] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 428] <... futex resumed>) = 0 [pid 428] close(3) = 0 [pid 428] close(4) = 0 [pid 428] close(5) = 0 [pid 428] close(6) = -1 EBADF (Bad file descriptor) [pid 428] close(7) = -1 EBADF (Bad file descriptor) [pid 428] close(8) = -1 EBADF (Bad file descriptor) [pid 428] close(9) = -1 EBADF (Bad file descriptor) [pid 428] close(10) = -1 EBADF (Bad file descriptor) [pid 428] close(11) = -1 EBADF (Bad file descriptor) [pid 428] close(12) = -1 EBADF (Bad file descriptor) [pid 428] close(13) = -1 EBADF (Bad file descriptor) [pid 428] close(14) = -1 EBADF (Bad file descriptor) [pid 428] close(15) = -1 EBADF (Bad file descriptor) [pid 428] close(16) = -1 EBADF (Bad file descriptor) [pid 428] close(17) = -1 EBADF (Bad file descriptor) [pid 428] close(18) = -1 EBADF (Bad file descriptor) [pid 428] close(19) = -1 EBADF (Bad file descriptor) [pid 428] close(20) = -1 EBADF (Bad file descriptor) [pid 428] close(21) = -1 EBADF (Bad file descriptor) [pid 428] close(22) = -1 EBADF (Bad file descriptor) [pid 428] close(23) = -1 EBADF (Bad file descriptor) [pid 428] close(24) = -1 EBADF (Bad file descriptor) [pid 428] close(25) = -1 EBADF (Bad file descriptor) [pid 428] close(26) = -1 EBADF (Bad file descriptor) [pid 428] close(27) = -1 EBADF (Bad file descriptor) [pid 428] close(28) = -1 EBADF (Bad file descriptor) [pid 428] close(29) = -1 EBADF (Bad file descriptor) [pid 428] exit_group(0) = ? [pid 430] <... futex resumed>) = ? [pid 433] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 435] <... futex resumed>) = 0 [pid 435] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... open resumed>) = 5 [pid 435] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 435] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] <... futex resumed>) = 0 [pid 433] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 430] +++ exited with 0 +++ [pid 428] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=5, si_stime=20} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 433] <... futex resumed>) = 1 [pid 435] <... futex resumed>) = 0 [pid 435] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 433] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 435] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 435] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 435] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 433] close(3) = 0 [pid 433] close(4) = 0 [pid 433] close(5) = 0 [pid 433] close(6) = -1 EBADF (Bad file descriptor) [pid 433] close(7) = -1 EBADF (Bad file descriptor) [ 29.955652][ T435] F2FS-fs (loop0): switch discard_unit option is not allowed [ 29.975604][ T434] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [pid 433] close(8 [pid 299] <... restart_syscall resumed>) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 299] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 433] close(9 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 299] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 433] close(10) = -1 EBADF (Bad file descriptor) [pid 433] close(11 [pid 434] <... mount resumed>) = 0 [pid 434] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 434] chdir("./file4") = 0 [pid 434] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 434] ioctl(4, LOOP_CLR_FD) = 0 [pid 434] close(4) = 0 [pid 434] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... futex resumed>) = 1 [pid 434] fspick(AT_FDCWD, ".", 0) = 4 [pid 434] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... futex resumed>) = 1 [pid 434] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... umount2 resumed>) = 0 [pid 433] close(12 [pid 298] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 434] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 434] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... futex resumed>) = 1 [pid 434] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 433] close(13 [pid 434] <... open resumed>) = 5 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] newfstatat(AT_FDCWD, "./4/file4", [pid 434] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 432] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 432] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 434] <... futex resumed>) = 1 [pid 434] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 434] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 432] <... futex resumed>) = 0 [pid 432] close(3) = 0 [pid 432] close(4) = 0 [pid 432] close(5) = 0 [pid 432] close(6) = -1 EBADF (Bad file descriptor) [pid 432] close(7) = -1 EBADF (Bad file descriptor) [pid 432] close(8) = -1 EBADF (Bad file descriptor) [pid 432] close(9) = -1 EBADF (Bad file descriptor) [pid 432] close(10) = -1 EBADF (Bad file descriptor) [pid 432] close(11) = -1 EBADF (Bad file descriptor) [pid 432] close(12) = -1 EBADF (Bad file descriptor) [pid 432] close(13) = -1 EBADF (Bad file descriptor) [pid 432] close(14) = -1 EBADF (Bad file descriptor) [pid 432] close(15) = -1 EBADF (Bad file descriptor) [pid 432] close(16) = -1 EBADF (Bad file descriptor) [pid 432] close(17) = -1 EBADF (Bad file descriptor) [pid 432] close(18) = -1 EBADF (Bad file descriptor) [pid 432] close(19) = -1 EBADF (Bad file descriptor) [pid 432] close(20) = -1 EBADF (Bad file descriptor) [pid 432] close(21 [pid 433] close(14 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(22 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 434] <... futex resumed>) = 1 [pid 433] close(15 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(23 [pid 433] close(16 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(24 [pid 298] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 433] close(17 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(25 [pid 298] <... openat resumed>) = 4 [pid 433] close(18 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] newfstatat(4, "", [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(26 [pid 433] close(19 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(27 [pid 434] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 433] close(20 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] getdents64(4, [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(28 [pid 433] close(21 [pid 432] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] close(29) = -1 EBADF (Bad file descriptor) [pid 433] close(22 [pid 432] exit_group(0 [pid 298] getdents64(4, [pid 434] <... futex resumed>) = ? [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 432] <... exit_group resumed>) = ? [pid 434] +++ exited with 0 +++ [pid 433] close(23 [pid 432] +++ exited with 0 +++ [pid 298] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] close(4 [pid 433] close(24 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] <... close resumed>) = 0 [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 433] close(25 [pid 298] rmdir("./4/file4" [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 433] close(26 [pid 298] <... rmdir resumed>) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 433] close(27 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... restart_syscall resumed>) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] newfstatat(AT_FDCWD, "./4/binderfs", [pid 433] close(28 [pid 298] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] unlink("./4/binderfs" [pid 433] close(29 [pid 298] <... unlink resumed>) = 0 [pid 293] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 433] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] getdents64(3, [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 433] exit_group(0 [pid 298] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 435] <... futex resumed>) = ? [pid 433] <... exit_group resumed>) = ? [pid 298] close(3 [pid 435] +++ exited with 0 +++ [pid 433] +++ exited with 0 +++ [pid 298] <... close resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 298] rmdir("./4" [pid 293] newfstatat(3, "", [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=10, si_uid=0, si_status=0, si_utime=9, si_stime=22} --- [pid 298] <... rmdir resumed>) = 0 [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, [pid 298] mkdir("./5", 0777 [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] <... mkdir resumed>) = 0 [ 30.001457][ T434] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 30.022205][ T434] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 294] <... restart_syscall resumed>) = 0 [pid 298] <... openat resumed>) = 3 [pid 298] ioctl(3, LOOP_CLR_FD [pid 294] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] close(3 [pid 294] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 298] <... close resumed>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] <... openat resumed>) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 12 [pid 294] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [ 30.064000][ T293] bio_check_eod: 13 callbacks suppressed [ 30.064018][ T293] syz-executor248: attempt to access beyond end of device [ 30.064018][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 30.103105][ T294] syz-executor248: attempt to access beyond end of device [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program ./strace-static-x86_64: Process 456 attached [pid 456] set_robust_list(0x5555875796a0, 24) = 0 [pid 456] chdir("./5") = 0 [pid 456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 456] setpgid(0, 0) = 0 [pid 456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 456] write(3, "1000", 4) = 4 [pid 456] close(3) = 0 [pid 456] symlink("/dev/binderfs", "./binderfs") = 0 [pid 456] write(1, "executing program\n", 18) = 18 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 456] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 456] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 456] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 456] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 456] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[13]}, 88) = 13 [pid 456] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 456] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 457 attached [pid 457] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 457] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 457] memfd_create("syzkaller", 0) = 3 [pid 457] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 30.103105][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./4/file4") = 0 [pid 297] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./4/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./4") = 0 [pid 297] mkdir("./5", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 12 ./strace-static-x86_64: Process 458 attached [pid 458] set_robust_list(0x5555875796a0, 24) = 0 [pid 458] chdir("./5") = 0 [pid 458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 458] setpgid(0, 0) = 0 [pid 458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 458] write(3, "1000", 4) = 4 [pid 458] close(3) = 0 [pid 458] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 458] write(1, "executing program\n", 18) = 18 [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 458] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 458] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 458] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[13]}, 88) = 13 [pid 458] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 458] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 459 attached [pid 459] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 459] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 459] memfd_create("syzkaller", 0) = 3 [pid 459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./4/file4") = 0 [pid 299] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./4/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./4") = 0 [pid 299] mkdir("./5", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 12 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./4/file4") = 0 [pid 293] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./4/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./4") = 0 [pid 293] mkdir("./5", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3./strace-static-x86_64: Process 460 attached ) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 12 [pid 460] set_robust_list(0x5555875796a0, 24) = 0 [pid 460] chdir("./5") = 0 [pid 460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 460] setpgid(0, 0) = 0 [pid 460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 460] write(3, "1000", 4) = 4 [pid 460] close(3) = 0 [pid 460] symlink("/dev/binderfs", "./binderfs") = 0 [pid 460] write(1, "executing program\n", 18executing program ) = 18 [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 460] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 460] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], ./strace-static-x86_64: Process 461 attached NULL, 8) = 0 [pid 460] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 461] set_robust_list(0x5555875796a0, 24) = 0 [pid 461] chdir("./5" [pid 460] <... mmap resumed>) = 0x7fc71fb1c000 [pid 461] <... chdir resumed>) = 0 [pid 460] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 461] setpgid(0, 0) = 0 [pid 460] <... mprotect resumed>) = 0 [pid 460] rt_sigprocmask(SIG_BLOCK, ~[], [pid 461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 460] <... rt_sigprocmask resumed>[], 8) = 0 [pid 461] <... openat resumed>) = 3 [pid 460] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 461] write(3, "1000", 4) = 4 [pid 461] close(3) = 0 [pid 460] <... clone3 resumed> => {parent_tid=[13]}, 88) = 13 [pid 461] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 461] write(1, "executing program\n", 18) = 18 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 461] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 461] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 461] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 460] rt_sigprocmask(SIG_SETMASK, [], [pid 461] rt_sigprocmask(SIG_BLOCK, ~[], [pid 460] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 460] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... rt_sigprocmask resumed>[], 8) = 0 [pid 461] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 460] <... futex resumed>) = 0 [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 461] <... clone3 resumed> => {parent_tid=[13]}, 88) = 13 [pid 461] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 461] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 462 attached ./strace-static-x86_64: Process 463 attached [pid 463] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 462] set_robust_list(0x7fc71fb3c9a0, 24 [pid 463] memfd_create("syzkaller", 0 [pid 462] <... set_robust_list resumed>) = 0 [pid 462] rt_sigprocmask(SIG_SETMASK, [], [pid 463] <... memfd_create resumed>) = 3 [pid 463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 462] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 462] memfd_create("syzkaller", 0) = 3 [pid 462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 457] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./4/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./4/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./4/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./4/file4") = 0 [pid 294] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./4/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./4") = 0 [pid 294] mkdir("./5", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 12 [pid 459] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 464 attached [pid 464] set_robust_list(0x5555875796a0, 24) = 0 [pid 464] chdir("./5") = 0 [pid 464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 464] setpgid(0, 0) = 0 [pid 464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 464] write(3, "1000", 4) = 4 [pid 464] close(3) = 0 [pid 464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 464] write(1, "executing program\n", 18executing program ) = 18 [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 464] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 464] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 464] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 464] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[13]}, 88) = 13 [pid 464] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 464] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 465 attached [pid 465] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 465] memfd_create("syzkaller", 0) = 3 [pid 465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 462] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 459] <... write resumed>) = 20699119 [pid 459] munmap(0x7fc71771c000, 138412032) = 0 [pid 463] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 459] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 459] ioctl(4, LOOP_SET_FD, 3 [pid 457] <... write resumed>) = 20699119 [pid 457] munmap(0x7fc71771c000, 138412032) = 0 [pid 457] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 457] ioctl(4, LOOP_SET_FD, 3 [pid 459] <... ioctl resumed>) = 0 [pid 459] close(3) = 0 [pid 459] close(4) = 0 [pid 459] mkdir("./file4", 0777) = 0 [pid 459] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 457] <... ioctl resumed>) = 0 [pid 457] close(3) = 0 [pid 457] close(4) = 0 [pid 457] mkdir("./file4", 0777) = 0 [ 30.567115][ T459] loop1: detected capacity change from 0 to 40427 [ 30.586079][ T457] loop3: detected capacity change from 0 to 40427 [ 30.601690][ T459] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 30.624456][ T457] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 30.644114][ T457] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 30.647702][ T459] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 457] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 462] <... write resumed>) = 20699119 [ 30.671808][ T457] F2FS-fs (loop3): fault_injection options not supported [ 30.694149][ T457] F2FS-fs (loop3): fault_type options not supported [ 30.695250][ T459] F2FS-fs (loop1): fault_injection options not supported [ 30.717844][ T459] F2FS-fs (loop1): fault_type options not supported [pid 462] munmap(0x7fc71771c000, 138412032) = 0 [pid 462] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 463] <... write resumed>) = 20699119 [pid 463] munmap(0x7fc71771c000, 138412032 [pid 462] <... openat resumed>) = 4 [pid 462] ioctl(4, LOOP_SET_FD, 3 [pid 463] <... munmap resumed>) = 0 [pid 463] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 463] ioctl(4, LOOP_SET_FD, 3 [pid 462] <... ioctl resumed>) = 0 [pid 462] close(3) = 0 [pid 462] close(4) = 0 [pid 462] mkdir("./file4", 0777) = 0 [pid 462] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 463] <... ioctl resumed>) = 0 [pid 463] close(3) = 0 [pid 463] close(4) = 0 [pid 463] mkdir("./file4", 0777) = 0 [ 30.725387][ T457] F2FS-fs (loop3): invalid crc value [ 30.727005][ T459] F2FS-fs (loop1): invalid crc value [ 30.737470][ T462] loop4: detected capacity change from 0 to 40427 [ 30.738708][ T463] loop2: detected capacity change from 0 to 40427 [ 30.754384][ T462] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 30.762496][ T457] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 463] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 465] <... write resumed>) = 20699119 [pid 465] munmap(0x7fc71771c000, 138412032) = 0 [pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 30.772180][ T463] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 30.779264][ T463] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 30.798592][ T462] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 30.799079][ T463] F2FS-fs (loop2): fault_injection options not supported [ 30.815770][ T459] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 465] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 465] close(3) = 0 [pid 465] close(4) = 0 [pid 465] mkdir("./file4", 0777) = 0 [ 30.827063][ T465] loop0: detected capacity change from 0 to 40427 [ 30.833854][ T463] F2FS-fs (loop2): fault_type options not supported [ 30.840442][ T462] F2FS-fs (loop4): fault_injection options not supported [ 30.849328][ T465] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 30.857531][ T463] F2FS-fs (loop2): invalid crc value [ 30.863457][ T462] F2FS-fs (loop4): fault_type options not supported [ 30.868905][ T465] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 30.878199][ T462] F2FS-fs (loop4): invalid crc value [ 30.881920][ T465] F2FS-fs (loop0): fault_injection options not supported [ 30.890581][ T457] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 30.898867][ T465] F2FS-fs (loop0): fault_type options not supported [ 30.899355][ T457] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 30.908346][ T459] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 30.915280][ T462] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 465] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 457] <... mount resumed>) = 0 [pid 457] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 457] chdir("./file4") = 0 [pid 457] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 459] <... mount resumed>) = 0 [pid 459] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 459] chdir("./file4") = 0 [pid 459] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 457] <... openat resumed>) = 4 [pid 459] <... openat resumed>) = 4 [pid 459] ioctl(4, LOOP_CLR_FD) = 0 [pid 459] close(4 [pid 457] ioctl(4, LOOP_CLR_FD) = 0 [pid 457] close(4) = 0 [pid 457] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 456] <... futex resumed>) = 0 [pid 456] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] fspick(AT_FDCWD, ".", 0) = 4 [pid 457] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 456] <... futex resumed>) = 0 [pid 456] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 459] <... close resumed>) = 0 [pid 459] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 459] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] <... futex resumed>) = 0 [pid 458] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 459] <... futex resumed>) = 0 [pid 458] <... futex resumed>) = 1 [pid 459] fspick(AT_FDCWD, ".", 0) = 4 [pid 459] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 459] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 459] <... futex resumed>) = 0 [pid 458] <... futex resumed>) = 1 [pid 459] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 30.921447][ T465] F2FS-fs (loop0): invalid crc value [ 30.933970][ T463] F2FS-fs (loop2): Found nat_bits in checkpoint [ 30.934078][ T459] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 30.963952][ T457] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 457] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 456] <... futex resumed>) = 0 [pid 456] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 457] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 456] <... futex resumed>) = 0 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] <... open resumed>) = 5 [pid 457] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 456] <... futex resumed>) = 0 [pid 456] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 456] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 457] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 457] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 456] <... futex resumed>) = 0 [pid 456] close(3) = 0 [pid 456] close(4) = 0 [pid 456] close(5) = 0 [pid 456] close(6) = -1 EBADF (Bad file descriptor) [pid 456] close(7) = -1 EBADF (Bad file descriptor) [pid 456] close(8) = -1 EBADF (Bad file descriptor) [pid 456] close(9) = -1 EBADF (Bad file descriptor) [pid 456] close(10) = -1 EBADF (Bad file descriptor) [pid 456] close(11) = -1 EBADF (Bad file descriptor) [pid 456] close(12) = -1 EBADF (Bad file descriptor) [pid 456] close(13) = -1 EBADF (Bad file descriptor) [pid 456] close(14) = -1 EBADF (Bad file descriptor) [pid 456] close(15) = -1 EBADF (Bad file descriptor) [pid 456] close(16) = -1 EBADF (Bad file descriptor) [pid 456] close(17) = -1 EBADF (Bad file descriptor) [pid 456] close(18) = -1 EBADF (Bad file descriptor) [pid 456] close(19) = -1 EBADF (Bad file descriptor) [pid 456] close(20) = -1 EBADF (Bad file descriptor) [pid 456] close(21) = -1 EBADF (Bad file descriptor) [pid 456] close(22) = -1 EBADF (Bad file descriptor) [pid 456] close(23) = -1 EBADF (Bad file descriptor) [pid 456] close(24) = -1 EBADF (Bad file descriptor) [pid 456] close(25) = -1 EBADF (Bad file descriptor) [pid 456] close(26) = -1 EBADF (Bad file descriptor) [pid 456] close(27) = -1 EBADF (Bad file descriptor) [pid 456] close(28) = -1 EBADF (Bad file descriptor) [pid 456] close(29) = -1 EBADF (Bad file descriptor) [pid 456] exit_group(0) = ? [pid 457] +++ exited with 0 +++ [pid 456] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 459] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 459] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 458] <... futex resumed>) = 0 [pid 458] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 459] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 459] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 459] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 298] <... restart_syscall resumed>) = 0 [pid 458] <... futex resumed>) = 0 [pid 298] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 30.982436][ T459] F2FS-fs (loop1): switch discard_unit option is not allowed [ 30.992493][ T465] F2FS-fs (loop0): Found nat_bits in checkpoint [ 31.012908][ T298] syz-executor248: attempt to access beyond end of device [ 31.012908][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 458] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 459] <... futex resumed>) = 0 [pid 459] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 459] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 459] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 458] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 462] <... mount resumed>) = 0 [pid 462] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 458] close(3 [pid 462] chdir("./file4" [pid 458] <... close resumed>) = 0 [pid 462] <... chdir resumed>) = 0 [pid 462] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 462] ioctl(4, LOOP_CLR_FD) = 0 [pid 462] close(4) = 0 [pid 462] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 462] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 460] <... futex resumed>) = 0 [ 31.029339][ T462] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 31.037326][ T462] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 31.046474][ T463] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 31.054732][ T463] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 31.059851][ T465] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 458] close(4 [pid 460] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = 0 [pid 460] <... futex resumed>) = 1 [pid 458] close(5 [pid 462] <... futex resumed>) = 0 [pid 462] fspick(AT_FDCWD, ".", 0) = 4 [pid 462] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 462] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 463] <... mount resumed>) = 0 [pid 463] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 458] <... close resumed>) = 0 [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... openat resumed>) = 3 [pid 463] chdir("./file4") = 0 [pid 463] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 463] ioctl(4, LOOP_CLR_FD) = 0 [pid 463] close(4 [pid 460] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 458] close(6 [pid 460] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 460] <... futex resumed>) = 1 [pid 458] close(7 [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 462] <... futex resumed>) = 0 [pid 458] close(8) = -1 EBADF (Bad file descriptor) [pid 462] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 458] close(9) = -1 EBADF (Bad file descriptor) [pid 465] <... mount resumed>) = 0 [pid 458] close(10 [pid 465] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(11) = -1 EBADF (Bad file descriptor) [pid 465] <... openat resumed>) = 3 [pid 458] close(12 [pid 465] chdir("./file4" [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] <... chdir resumed>) = 0 [pid 458] close(13 [pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(14) = -1 EBADF (Bad file descriptor) [pid 465] <... openat resumed>) = 4 [pid 458] close(15 [pid 465] ioctl(4, LOOP_CLR_FD [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] <... ioctl resumed>) = 0 [pid 458] close(16 [pid 465] close(4 [pid 463] <... close resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] <... close resumed>) = 0 [pid 463] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 458] close(17 [pid 461] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... futex resumed>) = 1 [pid 463] fspick(AT_FDCWD, ".", 0) = 4 [pid 463] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 461] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... futex resumed>) = 1 [pid 463] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 465] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(18 [pid 465] <... futex resumed>) = 1 [pid 464] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] fspick(AT_FDCWD, ".", 0 [pid 464] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] close(19 [pid 464] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] close(20 [pid 465] <... fspick resumed>) = 4 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(21 [pid 465] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(22 [pid 464] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] <... futex resumed>) = 1 [pid 464] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] close(23 [pid 464] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 465] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] close(24) = -1 EBADF (Bad file descriptor) [pid 462] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 458] close(25 [pid 462] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(26 [pid 462] <... futex resumed>) = 1 [pid 460] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 460] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 458] close(27 [pid 460] <... futex resumed>) = 0 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 458] close(28 [pid 462] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 458] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 458] close(29) = -1 EBADF (Bad file descriptor) [pid 458] exit_group(0 [pid 459] <... futex resumed>) = ? [pid 458] <... exit_group resumed>) = ? [pid 459] +++ exited with 0 +++ [pid 458] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 462] <... open resumed>) = 5 [pid 462] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 460] <... futex resumed>) = 0 [pid 462] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 460] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 462] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 460] <... futex resumed>) = 0 [pid 462] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 460] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 462] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 462] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 462] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 460] <... futex resumed>) = 0 [pid 460] close(3 [pid 463] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 460] <... close resumed>) = 0 [pid 463] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 460] close(4 [pid 461] <... futex resumed>) = 0 [pid 460] <... close resumed>) = 0 [pid 461] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 460] close(5 [pid 461] <... futex resumed>) = 0 [pid 460] <... close resumed>) = 0 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 460] close(6 [pid 463] <... futex resumed>) = 1 [pid 460] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 463] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 460] close(7) = -1 EBADF (Bad file descriptor) [pid 460] close(8) = -1 EBADF (Bad file descriptor) [pid 460] close(9) = -1 EBADF (Bad file descriptor) [pid 460] close(10) = -1 EBADF (Bad file descriptor) [pid 460] close(11) = -1 EBADF (Bad file descriptor) [pid 460] close(12) = -1 EBADF (Bad file descriptor) [pid 460] close(13) = -1 EBADF (Bad file descriptor) [pid 460] close(14) = -1 EBADF (Bad file descriptor) [pid 460] close(15) = -1 EBADF (Bad file descriptor) [pid 460] close(16) = -1 EBADF (Bad file descriptor) [pid 460] close(17) = -1 EBADF (Bad file descriptor) [pid 460] close(18) = -1 EBADF (Bad file descriptor) [pid 460] close(19) = -1 EBADF (Bad file descriptor) [pid 460] close(20) = -1 EBADF (Bad file descriptor) [pid 460] close(21) = -1 EBADF (Bad file descriptor) [pid 460] close(22) = -1 EBADF (Bad file descriptor) [pid 460] close(23) = -1 EBADF (Bad file descriptor) [pid 460] close(24) = -1 EBADF (Bad file descriptor) [pid 460] close(25) = -1 EBADF (Bad file descriptor) [pid 460] close(26) = -1 EBADF (Bad file descriptor) [pid 460] close(27) = -1 EBADF (Bad file descriptor) [pid 460] close(28) = -1 EBADF (Bad file descriptor) [pid 460] close(29) = -1 EBADF (Bad file descriptor) [pid 460] exit_group(0 [pid 462] <... futex resumed>) = ? [pid 460] <... exit_group resumed>) = ? [pid 462] +++ exited with 0 +++ [pid 463] <... open resumed>) = 5 [pid 463] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 461] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 461] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 463] <... futex resumed>) = 1 [pid 460] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=7, si_stime=15} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 463] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 463] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 461] <... futex resumed>) = 0 [pid 461] close(3) = 0 [pid 461] close(4) = 0 [pid 461] close(5) = 0 [pid 461] close(6) = -1 EBADF (Bad file descriptor) [pid 461] close(7) = -1 EBADF (Bad file descriptor) [pid 461] close(8) = -1 EBADF (Bad file descriptor) [pid 461] close(9) = -1 EBADF (Bad file descriptor) [pid 461] close(10) = -1 EBADF (Bad file descriptor) [pid 461] close(11) = -1 EBADF (Bad file descriptor) [pid 461] close(12) = -1 EBADF (Bad file descriptor) [pid 461] close(13) = -1 EBADF (Bad file descriptor) [pid 461] close(14) = -1 EBADF (Bad file descriptor) [pid 461] close(15) = -1 EBADF (Bad file descriptor) [pid 461] close(16) = -1 EBADF (Bad file descriptor) [pid 461] close(17) = -1 EBADF (Bad file descriptor) [pid 461] close(18) = -1 EBADF (Bad file descriptor) [pid 461] close(19) = -1 EBADF (Bad file descriptor) [pid 461] close(20) = -1 EBADF (Bad file descriptor) [pid 461] close(21) = -1 EBADF (Bad file descriptor) [pid 461] close(22) = -1 EBADF (Bad file descriptor) [pid 461] close(23) = -1 EBADF (Bad file descriptor) [pid 461] close(24) = -1 EBADF (Bad file descriptor) [pid 461] close(25) = -1 EBADF (Bad file descriptor) [pid 461] close(26) = -1 EBADF (Bad file descriptor) [pid 461] close(27) = -1 EBADF (Bad file descriptor) [pid 461] close(28) = -1 EBADF (Bad file descriptor) [pid 461] close(29) = -1 EBADF (Bad file descriptor) [pid 461] exit_group(0) = ? [pid 463] <... futex resumed>) = ? [pid 299] <... restart_syscall resumed>) = 0 [pid 297] <... restart_syscall resumed>) = 0 [pid 299] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 297] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 299] <... openat resumed>) = 3 [pid 297] <... openat resumed>) = 3 [pid 299] newfstatat(3, "", [pid 297] newfstatat(3, "", [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, [pid 297] getdents64(3, [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 31.075918][ T465] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 31.084475][ T462] F2FS-fs (loop4): switch discard_unit option is not allowed [ 31.097427][ T463] F2FS-fs (loop2): switch discard_unit option is not allowed [ 31.108164][ T465] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 297] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 465] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 463] +++ exited with 0 +++ [pid 461] +++ exited with 0 +++ [pid 465] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 465] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 465] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 465] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 465] <... open resumed>) = 5 [pid 465] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 465] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 465] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 464] <... futex resumed>) = 0 [pid 465] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 464] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 465] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 465] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 464] <... futex resumed>) = 0 [pid 465] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 464] close(3) = 0 [pid 464] close(4) = 0 [pid 464] close(5) = 0 [pid 464] close(6) = -1 EBADF (Bad file descriptor) [pid 464] close(7) = -1 EBADF (Bad file descriptor) [pid 464] close(8) = -1 EBADF (Bad file descriptor) [pid 464] close(9) = -1 EBADF (Bad file descriptor) [pid 464] close(10) = -1 EBADF (Bad file descriptor) [pid 464] close(11) = -1 EBADF (Bad file descriptor) [pid 464] close(12) = -1 EBADF (Bad file descriptor) [pid 464] close(13) = -1 EBADF (Bad file descriptor) [pid 464] close(14) = -1 EBADF (Bad file descriptor) [pid 464] close(15) = -1 EBADF (Bad file descriptor) [pid 464] close(16) = -1 EBADF (Bad file descriptor) [pid 464] close(17) = -1 EBADF (Bad file descriptor) [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 464] close(18) = -1 EBADF (Bad file descriptor) [pid 464] close(19) = -1 EBADF (Bad file descriptor) [pid 464] close(20) = -1 EBADF (Bad file descriptor) [pid 464] close(21) = -1 EBADF (Bad file descriptor) [pid 464] close(22) = -1 EBADF (Bad file descriptor) [pid 464] close(23) = -1 EBADF (Bad file descriptor) [pid 464] close(24) = -1 EBADF (Bad file descriptor) [pid 464] close(25) = -1 EBADF (Bad file descriptor) [pid 464] close(26) = -1 EBADF (Bad file descriptor) [pid 464] close(27) = -1 EBADF (Bad file descriptor) [pid 464] close(28) = -1 EBADF (Bad file descriptor) [pid 464] close(29) = -1 EBADF (Bad file descriptor) [pid 464] exit_group(0 [pid 465] <... futex resumed>) = ? [pid 464] <... exit_group resumed>) = ? [pid 465] +++ exited with 0 +++ [pid 464] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=12, si_uid=0, si_status=0, si_utime=8, si_stime=21} --- [pid 293] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 31.129791][ T299] syz-executor248: attempt to access beyond end of device [ 31.129791][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.146726][ T297] syz-executor248: attempt to access beyond end of device [ 31.146726][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.174862][ T293] syz-executor248: attempt to access beyond end of device [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./5/file4") = 0 [pid 298] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./5/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./5") = 0 [pid 298] mkdir("./6", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 14 ./strace-static-x86_64: Process 486 attached [pid 486] set_robust_list(0x5555875796a0, 24) = 0 [pid 486] chdir("./6") = 0 [pid 486] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 486] setpgid(0, 0) = 0 [pid 486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 486] write(3, "1000", 4) = 4 [pid 486] close(3) = 0 [pid 486] symlink("/dev/binderfs", "./binderfs") = 0 [pid 486] write(1, "executing program\n", 18executing program ) = 18 [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 486] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 486] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 486] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 486] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 486] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 486] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[15]}, 88) = 15 [pid 486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 486] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 487 attached [ 31.174862][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 31.192997][ T294] syz-executor248: attempt to access beyond end of device [ 31.192997][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 487] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 487] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 487] memfd_create("syzkaller", 0) = 3 [pid 487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./5/file4") = 0 [pid 297] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./5/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./5") = 0 [pid 297] mkdir("./6", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 14 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 488 attached [pid 488] set_robust_list(0x5555875796a0, 24) = 0 [pid 488] chdir("./6") = 0 [pid 488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 488] setpgid(0, 0) = 0 [pid 488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 488] write(3, "1000", 4) = 4 [pid 488] close(3) = 0 [pid 488] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 488] write(1, "executing program\n", 18) = 18 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 488] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 488] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 488] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 488] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 488] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[15]}, 88) = 15 [pid 299] getdents64(4, [pid 488] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 489 attached [pid 488] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 489] set_robust_list(0x7fc71fb3c9a0, 24 [pid 488] <... futex resumed>) = 0 [pid 299] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 489] <... set_robust_list resumed>) = 0 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 489] rt_sigprocmask(SIG_SETMASK, [], [pid 299] close(4) = 0 [pid 299] rmdir("./5/file4") = 0 [pid 299] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./5/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./5") = 0 [pid 299] mkdir("./6", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 489] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 489] memfd_create("syzkaller", 0 [pid 299] <... openat resumed>) = 3 [pid 489] <... memfd_create resumed>) = 3 [pid 299] ioctl(3, LOOP_CLR_FD [pid 489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 14 ./strace-static-x86_64: Process 490 attached [pid 490] set_robust_list(0x5555875796a0, 24) = 0 [pid 490] chdir("./6") = 0 [pid 490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 490] setpgid(0, 0) = 0 [pid 490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 490] write(3, "1000", 4) = 4 [pid 490] close(3) = 0 [pid 490] symlink("/dev/binderfs", "./binderfs") = 0 [pid 490] write(1, "executing program\n", 18executing program ) = 18 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 490] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 490] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 490] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 490] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 490] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 490] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[15]}, 88) = 15 [pid 490] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 490] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 491 attached [pid 491] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 491] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 491] memfd_create("syzkaller", 0) = 3 [pid 491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./5/file4") = 0 [pid 293] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./5/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./5") = 0 [pid 293] mkdir("./6", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] <... umount2 resumed>) = 0 [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 14 [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./5/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./5/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./5/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 492 attached [pid 294] getdents64(4, [pid 492] set_robust_list(0x5555875796a0, 24 [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 492] <... set_robust_list resumed>) = 0 [pid 294] getdents64(4, [pid 492] chdir("./6" [pid 294] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 492] <... chdir resumed>) = 0 [pid 294] close(4 [pid 492] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 294] <... close resumed>) = 0 [pid 492] <... prctl resumed>) = 0 [pid 294] rmdir("./5/file4" [pid 492] setpgid(0, 0 [pid 294] <... rmdir resumed>) = 0 [pid 492] <... setpgid resumed>) = 0 [pid 294] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 294] newfstatat(AT_FDCWD, "./5/binderfs", [pid 492] <... openat resumed>) = 3 [pid 294] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 492] write(3, "1000", 4 [pid 294] unlink("./5/binderfs" [pid 492] <... write resumed>) = 4 [pid 294] <... unlink resumed>) = 0 [pid 492] close(3 [pid 294] getdents64(3, [pid 492] <... close resumed>) = 0 [pid 294] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 492] symlink("/dev/binderfs", "./binderfs" [pid 294] close(3 [pid 492] <... symlink resumed>) = 0 [pid 294] <... close resumed>) = 0 executing program [pid 492] write(1, "executing program\n", 18 [pid 294] rmdir("./5" [pid 492] <... write resumed>) = 18 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... rmdir resumed>) = 0 [pid 492] <... futex resumed>) = 0 [pid 294] mkdir("./6", 0777 [pid 492] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 294] <... mkdir resumed>) = 0 [pid 492] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 492] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 492] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 294] <... openat resumed>) = 3 [pid 492] <... mmap resumed>) = 0x7fc71fb1c000 [pid 294] ioctl(3, LOOP_CLR_FD [pid 492] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 492] <... mprotect resumed>) = 0 [pid 294] close(3 [pid 492] rt_sigprocmask(SIG_BLOCK, ~[], [pid 294] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 492] <... rt_sigprocmask resumed>[], 8) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 14 [pid 492] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[15]}, 88) = 15 [pid 492] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 492] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 493 attached [pid 493] set_robust_list(0x5555875796a0, 24) = 0 [pid 493] chdir("./6") = 0 [pid 493] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 493] setpgid(0, 0) = 0 [pid 493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 494 attached [pid 494] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 494] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 493] <... openat resumed>) = 3 [pid 494] memfd_create("syzkaller", 0) = 3 [pid 494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 493] write(3, "1000", 4) = 4 [pid 493] close(3) = 0 [pid 493] symlink("/dev/binderfs", "./binderfs") = 0 [pid 493] write(1, "executing program\n", 18executing program ) = 18 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 493] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 493] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 493] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 493] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 493] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 493] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[15]}, 88) = 15 [pid 493] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 493] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 495 attached [pid 495] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 495] memfd_create("syzkaller", 0) = 3 [pid 495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 487] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 491] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 489] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 487] <... write resumed>) = 20699119 [pid 487] munmap(0x7fc71771c000, 138412032) = 0 [pid 487] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 487] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 487] close(3) = 0 [pid 487] close(4) = 0 [pid 487] mkdir("./file4", 0777) = 0 [pid 487] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 31.725293][ T487] loop3: detected capacity change from 0 to 40427 [ 31.745293][ T487] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 31.774910][ T487] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 31.791075][ T487] F2FS-fs (loop3): fault_injection options not supported [pid 494] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 491] <... write resumed>) = 20699119 [pid 491] munmap(0x7fc71771c000, 138412032) = 0 [pid 491] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 491] ioctl(4, LOOP_SET_FD, 3 [pid 489] <... write resumed>) = 20699119 [pid 489] munmap(0x7fc71771c000, 138412032) = 0 [pid 489] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 489] ioctl(4, LOOP_SET_FD, 3 [pid 491] <... ioctl resumed>) = 0 [pid 491] close(3) = 0 [pid 491] close(4) = 0 [pid 491] mkdir("./file4", 0777) = 0 [ 31.818686][ T487] F2FS-fs (loop3): fault_type options not supported [ 31.841206][ T487] F2FS-fs (loop3): invalid crc value [ 31.850132][ T491] loop4: detected capacity change from 0 to 40427 [ 31.859986][ T489] loop1: detected capacity change from 0 to 40427 [pid 491] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 489] <... ioctl resumed>) = 0 [pid 489] close(3) = 0 [pid 489] close(4) = 0 [pid 489] mkdir("./file4", 0777) = 0 [pid 489] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 495] <... write resumed>) = 20699119 [pid 495] munmap(0x7fc71771c000, 138412032) = 0 [pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 31.871258][ T491] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 31.886548][ T489] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 31.896002][ T487] F2FS-fs (loop3): Found nat_bits in checkpoint [ 31.903119][ T491] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 31.911983][ T489] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 495] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 495] close(3) = 0 [pid 495] close(4) = 0 [pid 495] mkdir("./file4", 0777) = 0 [ 31.915642][ T495] loop0: detected capacity change from 0 to 40427 [ 31.920988][ T489] F2FS-fs (loop1): fault_injection options not supported [ 31.928970][ T491] F2FS-fs (loop4): fault_injection options not supported [ 31.959394][ T495] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 495] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 494] <... write resumed>) = 20699119 [pid 494] munmap(0x7fc71771c000, 138412032) = 0 [pid 494] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 494] ioctl(4, LOOP_SET_FD, 3) = 0 [ 31.968153][ T495] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 31.974511][ T489] F2FS-fs (loop1): fault_type options not supported [ 31.977069][ T491] F2FS-fs (loop4): fault_type options not supported [ 31.987824][ T495] F2FS-fs (loop0): fault_injection options not supported [ 32.002673][ T494] loop2: detected capacity change from 0 to 40427 [ 32.006581][ T491] F2FS-fs (loop4): invalid crc value [ 32.009908][ T495] F2FS-fs (loop0): fault_type options not supported [pid 494] close(3) = 0 [pid 494] close(4) = 0 [pid 487] <... mount resumed>) = 0 [pid 494] mkdir("./file4", 0777 [pid 487] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 494] <... mkdir resumed>) = 0 [pid 487] <... openat resumed>) = 3 [pid 494] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 487] chdir("./file4") = 0 [ 32.021464][ T489] F2FS-fs (loop1): invalid crc value [ 32.027476][ T487] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 32.034572][ T495] F2FS-fs (loop0): invalid crc value [ 32.035338][ T487] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 32.042503][ T491] F2FS-fs (loop4): Found nat_bits in checkpoint [ 32.063410][ T494] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 487] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 487] ioctl(4, LOOP_CLR_FD) = 0 [pid 487] close(4) = 0 [pid 487] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 487] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] <... futex resumed>) = 0 [pid 486] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 487] <... futex resumed>) = 0 [pid 486] <... futex resumed>) = 1 [pid 487] fspick(AT_FDCWD, ".", 0) = 4 [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 487] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 486] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 487] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 487] <... futex resumed>) = 0 [pid 486] <... futex resumed>) = 1 [pid 487] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 487] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 487] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] <... futex resumed>) = 0 [pid 487] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 486] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 487] <... open resumed>) = 5 [ 32.063537][ T495] F2FS-fs (loop0): Found nat_bits in checkpoint [ 32.077253][ T494] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 32.078248][ T489] F2FS-fs (loop1): Found nat_bits in checkpoint [ 32.092640][ T494] F2FS-fs (loop2): fault_injection options not supported [ 32.102919][ T494] F2FS-fs (loop2): fault_type options not supported [ 32.113174][ T487] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 487] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] <... futex resumed>) = 0 [pid 487] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 487] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 486] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 487] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 487] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 486] <... futex resumed>) = 0 [pid 487] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] close(3) = 0 [pid 486] close(4) = 0 [pid 486] close(5) = 0 [pid 486] close(6) = -1 EBADF (Bad file descriptor) [pid 486] close(7) = -1 EBADF (Bad file descriptor) [pid 486] close(8) = -1 EBADF (Bad file descriptor) [pid 486] close(9) = -1 EBADF (Bad file descriptor) [pid 486] close(10) = -1 EBADF (Bad file descriptor) [pid 486] close(11) = -1 EBADF (Bad file descriptor) [pid 486] close(12) = -1 EBADF (Bad file descriptor) [pid 486] close(13) = -1 EBADF (Bad file descriptor) [pid 491] <... mount resumed>) = 0 [pid 486] close(14 [pid 491] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... openat resumed>) = 3 [pid 486] close(15 [pid 491] chdir("./file4" [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... chdir resumed>) = 0 [pid 486] close(16 [pid 491] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... openat resumed>) = 4 [pid 486] close(17 [pid 491] ioctl(4, LOOP_CLR_FD [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... ioctl resumed>) = 0 [pid 486] close(18 [pid 491] close(4 [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... close resumed>) = 0 [pid 486] close(19 [pid 491] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 491] <... futex resumed>) = 1 [pid 486] close(20 [pid 491] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 486] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 486] close(21) = -1 EBADF (Bad file descriptor) [pid 486] close(22) = -1 EBADF (Bad file descriptor) [pid 486] close(23) = -1 EBADF (Bad file descriptor) [pid 486] close(24) = -1 EBADF (Bad file descriptor) [pid 486] close(25) = -1 EBADF (Bad file descriptor) [pid 486] close(26) = -1 EBADF (Bad file descriptor) [pid 486] close(27) = -1 EBADF (Bad file descriptor) [pid 486] close(28) = -1 EBADF (Bad file descriptor) [pid 486] close(29) = -1 EBADF (Bad file descriptor) [pid 486] exit_group(0 [pid 487] <... futex resumed>) = ? [pid 486] <... exit_group resumed>) = ? [pid 487] +++ exited with 0 +++ [pid 486] +++ exited with 0 +++ [pid 490] <... futex resumed>) = 0 [pid 490] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 490] <... futex resumed>) = 1 [pid 491] <... futex resumed>) = 0 [pid 491] fspick(AT_FDCWD, ".", 0) = 4 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 491] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 490] <... futex resumed>) = 0 [pid 491] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 490] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... futex resumed>) = 0 [pid 490] <... futex resumed>) = 1 [pid 491] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 491] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 491] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 32.132996][ T491] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 32.133577][ T494] F2FS-fs (loop2): invalid crc value [ 32.146609][ T491] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 32.167521][ T491] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 491] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 490] <... futex resumed>) = 0 [pid 490] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... futex resumed>) = 0 [pid 490] <... futex resumed>) = 1 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 491] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 491] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 490] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 490] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 491] <... futex resumed>) = 0 [pid 490] <... futex resumed>) = 1 [pid 490] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 491] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 491] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 490] <... futex resumed>) = 0 [pid 491] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 490] close(3) = 0 [pid 490] close(4) = 0 [pid 490] close(5) = 0 [pid 490] close(6) = -1 EBADF (Bad file descriptor) [pid 490] close(7) = -1 EBADF (Bad file descriptor) [pid 490] close(8) = -1 EBADF (Bad file descriptor) [pid 490] close(9) = -1 EBADF (Bad file descriptor) [pid 490] close(10) = -1 EBADF (Bad file descriptor) [pid 490] close(11) = -1 EBADF (Bad file descriptor) [pid 490] close(12) = -1 EBADF (Bad file descriptor) [pid 490] close(13) = -1 EBADF (Bad file descriptor) [pid 490] close(14) = -1 EBADF (Bad file descriptor) [pid 490] close(15) = -1 EBADF (Bad file descriptor) [pid 490] close(16) = -1 EBADF (Bad file descriptor) [pid 490] close(17) = -1 EBADF (Bad file descriptor) [pid 490] close(18) = -1 EBADF (Bad file descriptor) [pid 490] close(19) = -1 EBADF (Bad file descriptor) [pid 490] close(20) = -1 EBADF (Bad file descriptor) [pid 490] close(21) = -1 EBADF (Bad file descriptor) [pid 490] close(22) = -1 EBADF (Bad file descriptor) [pid 490] close(23) = -1 EBADF (Bad file descriptor) [pid 490] close(24) = -1 EBADF (Bad file descriptor) [pid 490] close(25) = -1 EBADF (Bad file descriptor) [pid 490] close(26) = -1 EBADF (Bad file descriptor) [pid 490] close(27) = -1 EBADF (Bad file descriptor) [pid 490] close(28) = -1 EBADF (Bad file descriptor) [pid 490] close(29) = -1 EBADF (Bad file descriptor) [pid 490] exit_group(0) = ? [pid 491] <... futex resumed>) = ? [pid 491] +++ exited with 0 +++ [pid 490] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=6, si_stime=22} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 495] <... mount resumed>) = 0 [pid 495] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 495] chdir("./file4") = 0 [pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 495] ioctl(4, LOOP_CLR_FD) = 0 [pid 495] close(4) = 0 [pid 495] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 495] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 489] <... mount resumed>) = 0 [pid 489] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 489] chdir("./file4") = 0 [pid 489] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 489] ioctl(4, LOOP_CLR_FD) = 0 [pid 493] <... futex resumed>) = 0 [pid 489] close(4 [pid 299] <... restart_syscall resumed>) = 0 [pid 493] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 495] <... futex resumed>) = 0 [pid 495] fspick(AT_FDCWD, ".", 0) = 4 [pid 495] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 32.177603][ T298] syz-executor248: attempt to access beyond end of device [ 32.177603][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 32.189604][ T494] F2FS-fs (loop2): Found nat_bits in checkpoint [ 32.193092][ T489] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 32.210582][ T495] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 32.217994][ T495] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 32.220559][ T489] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 495] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 489] <... close resumed>) = 0 [pid 489] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] <... futex resumed>) = 0 [pid 488] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 489] <... futex resumed>) = 1 [pid 489] fspick(AT_FDCWD, ".", 0) = 4 [pid 489] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] <... futex resumed>) = 0 [pid 488] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 489] <... futex resumed>) = 1 [pid 489] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 493] <... futex resumed>) = 0 [pid 493] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] <... futex resumed>) = 0 [pid 495] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 495] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 493] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 495] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] <... open resumed>) = 5 [pid 495] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 493] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 493] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 495] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 495] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 493] <... futex resumed>) = 0 [pid 493] close(3) = 0 [pid 493] close(4) = 0 [pid 493] close(5) = 0 [pid 493] close(6) = -1 EBADF (Bad file descriptor) [pid 493] close(7) = -1 EBADF (Bad file descriptor) [pid 493] close(8) = -1 EBADF (Bad file descriptor) [pid 493] close(9) = -1 EBADF (Bad file descriptor) [pid 493] close(10) = -1 EBADF (Bad file descriptor) [pid 493] close(11) = -1 EBADF (Bad file descriptor) [pid 493] close(12) = -1 EBADF (Bad file descriptor) [pid 493] close(13) = -1 EBADF (Bad file descriptor) [pid 493] close(14) = -1 EBADF (Bad file descriptor) [pid 493] close(15) = -1 EBADF (Bad file descriptor) [pid 493] close(16) = -1 EBADF (Bad file descriptor) [pid 493] close(17) = -1 EBADF (Bad file descriptor) [pid 495] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 493] close(18) = -1 EBADF (Bad file descriptor) [pid 493] close(19) = -1 EBADF (Bad file descriptor) [pid 493] close(20) = -1 EBADF (Bad file descriptor) [pid 493] close(21) = -1 EBADF (Bad file descriptor) [pid 493] close(22) = -1 EBADF (Bad file descriptor) [pid 493] close(23) = -1 EBADF (Bad file descriptor) [pid 493] close(24) = -1 EBADF (Bad file descriptor) [pid 493] close(25) = -1 EBADF (Bad file descriptor) [pid 493] close(26) = -1 EBADF (Bad file descriptor) [pid 493] close(27) = -1 EBADF (Bad file descriptor) [pid 493] close(28) = -1 EBADF (Bad file descriptor) [pid 493] close(29) = -1 EBADF (Bad file descriptor) [pid 493] exit_group(0) = ? [pid 495] <... futex resumed>) = ? [pid 495] +++ exited with 0 +++ [pid 493] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 489] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 489] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] <... futex resumed>) = 0 [pid 488] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 489] <... futex resumed>) = 1 [pid 489] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 489] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] <... futex resumed>) = 0 [pid 488] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 488] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 489] <... futex resumed>) = 1 [pid 489] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 489] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 488] <... futex resumed>) = 0 [pid 488] close(3) = 0 [pid 488] close(4) = 0 [pid 488] close(5) = 0 [pid 488] close(6) = -1 EBADF (Bad file descriptor) [pid 488] close(7) = -1 EBADF (Bad file descriptor) [pid 488] close(8) = -1 EBADF (Bad file descriptor) [pid 488] close(9) = -1 EBADF (Bad file descriptor) [pid 488] close(10) = -1 EBADF (Bad file descriptor) [pid 488] close(11) = -1 EBADF (Bad file descriptor) [pid 488] close(12) = -1 EBADF (Bad file descriptor) [pid 488] close(13) = -1 EBADF (Bad file descriptor) [pid 488] close(14) = -1 EBADF (Bad file descriptor) [pid 488] close(15) = -1 EBADF (Bad file descriptor) [pid 488] close(16) = -1 EBADF (Bad file descriptor) [pid 488] close(17) = -1 EBADF (Bad file descriptor) [pid 488] close(18) = -1 EBADF (Bad file descriptor) [pid 488] close(19) = -1 EBADF (Bad file descriptor) [pid 488] close(20) = -1 EBADF (Bad file descriptor) [pid 488] close(21) = -1 EBADF (Bad file descriptor) [pid 488] close(22) = -1 EBADF (Bad file descriptor) [pid 488] close(23) = -1 EBADF (Bad file descriptor) [pid 488] close(24) = -1 EBADF (Bad file descriptor) [pid 488] close(25) = -1 EBADF (Bad file descriptor) [pid 488] close(26) = -1 EBADF (Bad file descriptor) [pid 488] close(27) = -1 EBADF (Bad file descriptor) [pid 488] close(28) = -1 EBADF (Bad file descriptor) [pid 488] close(29) = -1 EBADF (Bad file descriptor) [pid 488] exit_group(0 [pid 294] <... restart_syscall resumed>) = 0 [pid 488] <... exit_group resumed>) = ? [pid 294] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 489] <... futex resumed>) = ? [pid 489] +++ exited with 0 +++ [pid 488] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=4, si_stime=24} --- [ 32.261014][ T299] syz-executor248: attempt to access beyond end of device [ 32.261014][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 32.274062][ T489] F2FS-fs (loop1): switch discard_unit option is not allowed [ 32.283631][ T495] F2FS-fs (loop0): switch discard_unit option is not allowed [ 32.301532][ T494] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 494] <... mount resumed>) = 0 [pid 494] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 494] chdir("./file4") = 0 [pid 494] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 494] ioctl(4, LOOP_CLR_FD) = 0 [pid 494] close(4) = 0 [pid 494] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... futex resumed>) = 1 [pid 494] fspick(AT_FDCWD, ".", 0) = 4 [pid 494] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... futex resumed>) = 1 [pid 494] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 494] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... futex resumed>) = 1 [pid 494] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 494] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 492] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 494] <... futex resumed>) = 1 [pid 494] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 494] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 492] <... futex resumed>) = 0 [pid 492] close(3) = 0 [pid 492] close(4) = 0 [pid 492] close(5) = 0 [pid 492] close(6) = -1 EBADF (Bad file descriptor) [pid 492] close(7) = -1 EBADF (Bad file descriptor) [pid 492] close(8) = -1 EBADF (Bad file descriptor) [pid 492] close(9) = -1 EBADF (Bad file descriptor) [pid 492] close(10) = -1 EBADF (Bad file descriptor) [pid 492] close(11) = -1 EBADF (Bad file descriptor) [pid 492] close(12) = -1 EBADF (Bad file descriptor) [pid 492] close(13) = -1 EBADF (Bad file descriptor) [pid 492] close(14) = -1 EBADF (Bad file descriptor) [pid 492] close(15) = -1 EBADF (Bad file descriptor) [pid 492] close(16) = -1 EBADF (Bad file descriptor) [pid 492] close(17) = -1 EBADF (Bad file descriptor) [pid 492] close(18) = -1 EBADF (Bad file descriptor) [pid 492] close(19) = -1 EBADF (Bad file descriptor) [pid 492] close(20) = -1 EBADF (Bad file descriptor) [pid 492] close(21) = -1 EBADF (Bad file descriptor) [pid 492] close(22) = -1 EBADF (Bad file descriptor) [pid 492] close(23) = -1 EBADF (Bad file descriptor) [pid 492] close(24) = -1 EBADF (Bad file descriptor) [pid 492] close(25) = -1 EBADF (Bad file descriptor) [pid 492] close(26) = -1 EBADF (Bad file descriptor) [pid 492] close(27) = -1 EBADF (Bad file descriptor) [pid 492] close(28) = -1 EBADF (Bad file descriptor) [pid 492] close(29) = -1 EBADF (Bad file descriptor) [pid 492] exit_group(0) = ? [pid 494] <... futex resumed>) = ? [pid 494] +++ exited with 0 +++ [pid 492] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=14, si_uid=0, si_status=0, si_utime=10, si_stime=15} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 32.322068][ T494] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 32.333353][ T297] syz-executor248: attempt to access beyond end of device [ 32.333353][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 32.356489][ T494] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./6/file4") = 0 [pid 298] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./6/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./6") = 0 [pid 298] mkdir("./7", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 16 ./strace-static-x86_64: Process 516 attached [pid 516] set_robust_list(0x5555875796a0, 24) = 0 [pid 516] chdir("./7") = 0 [pid 516] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 516] setpgid(0, 0) = 0 [pid 516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 516] write(3, "1000", 4) = 4 [pid 516] close(3) = 0 [pid 516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 516] write(1, "executing program\n", 18executing program ) = 18 [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 516] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 516] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 516] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 516] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 516] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 516] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[17]}, 88) = 17 [pid 516] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 516] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 517 attached [pid 517] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 517] memfd_create("syzkaller", 0) = 3 [pid 517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./6/file4") = 0 [pid 299] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./6/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./6") = 0 [pid 299] mkdir("./7", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 16 ./strace-static-x86_64: Process 518 attached [pid 518] set_robust_list(0x5555875796a0, 24) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 518] chdir("./7") = 0 [pid 518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 518] setpgid(0, 0) = 0 [pid 518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 518] write(3, "1000", 4) = 4 [pid 518] close(3) = 0 [pid 518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 518] write(1, "executing program\n", 18executing program ) = 18 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 518] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 518] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 518] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 518] <... mmap resumed>) = 0x7fc71fb1c000 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 518] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 293] newfstatat(AT_FDCWD, "./6/file4", [pid 518] <... mprotect resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 518] rt_sigprocmask(SIG_BLOCK, ~[], [pid 293] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 518] <... rt_sigprocmask resumed>[], 8) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 518] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 293] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 518] <... clone3 resumed> => {parent_tid=[17]}, 88) = 17 [pid 293] newfstatat(4, "", [pid 518] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 518] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] getdents64(4, [pid 518] <... futex resumed>) = 0 [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./6/file4") = 0 [pid 293] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./6/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./6") = 0 [pid 293] mkdir("./7", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 519 attached , child_tidptr=0x555587579690) = 16 [pid 519] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 519] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 519] memfd_create("syzkaller", 0) = 3 [pid 519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 520 attached [pid 520] set_robust_list(0x5555875796a0, 24) = 0 [pid 520] chdir("./7") = 0 [pid 520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 520] setpgid(0, 0) = 0 [pid 520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 520] write(3, "1000", 4) = 4 [pid 520] close(3) = 0 [pid 520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 520] write(1, "executing program\n", 18executing program ) = 18 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 520] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 520] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 520] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 520] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 520] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 520] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[17]}, 88) = 17 [pid 520] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 520] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 521 attached [pid 521] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 521] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 521] memfd_create("syzkaller", 0) = 3 [pid 521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 517] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./6/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./6/file4") = 0 [pid 294] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./6/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./6") = 0 [pid 294] mkdir("./7", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... openat resumed>) = 3 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] ioctl(3, LOOP_CLR_FD [pid 297] newfstatat(AT_FDCWD, "./6/file4", [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] close(3 [pid 297] umount2("./6/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... close resumed>) = 0 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] openat(AT_FDCWD, "./6/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 16 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./6/file4") = 0 [pid 297] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./6/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3./strace-static-x86_64: Process 522 attached ) = 0 [pid 297] rmdir("./6") = 0 [pid 297] mkdir("./7", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 16 [pid 522] set_robust_list(0x5555875796a0, 24) = 0 [pid 522] chdir("./7") = 0 [pid 522] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 522] setpgid(0, 0) = 0 [pid 522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 522] write(3, "1000", 4) = 4 [pid 522] close(3) = 0 [pid 522] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 522] write(1, "executing program\n", 18) = 18 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 522] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 522] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 522] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 522] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 522] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[17]}, 88) = 17 [pid 522] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 522] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 523 attached [pid 523] set_robust_list(0x5555875796a0, 24) = 0 [pid 523] chdir("./7") = 0 [pid 523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 523] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 524 attached [pid 523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 523] write(3, "1000", 4) = 4 [pid 523] close(3) = 0 [pid 523] symlink("/dev/binderfs", "./binderfs") = 0 [pid 523] write(1, "executing program\n", 18executing program ) = 18 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 523] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 523] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 523] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 523] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 523] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[17]}, 88) = 17 [pid 523] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 523] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 524] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 524] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 524] memfd_create("syzkaller", 0) = 3 [pid 524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 525 attached [pid 525] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 525] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 525] memfd_create("syzkaller", 0) = 3 [pid 525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 517] <... write resumed>) = 20699119 [pid 517] munmap(0x7fc71771c000, 138412032) = 0 [pid 517] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 517] ioctl(4, LOOP_SET_FD, 3 [pid 519] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 521] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 517] <... ioctl resumed>) = 0 [pid 517] close(3) = 0 [pid 517] close(4) = 0 [pid 517] mkdir("./file4", 0777) = 0 [ 32.836721][ T517] loop3: detected capacity change from 0 to 40427 [ 32.857432][ T517] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 32.878365][ T517] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 517] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 32.900403][ T517] F2FS-fs (loop3): fault_injection options not supported [ 32.910740][ T517] F2FS-fs (loop3): fault_type options not supported [ 32.928779][ T517] F2FS-fs (loop3): invalid crc value [pid 525] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 521] <... write resumed>) = 20699119 [pid 521] munmap(0x7fc71771c000, 138412032) = 0 [pid 521] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 521] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 521] close(3) = 0 [pid 521] close(4) = 0 [pid 521] mkdir("./file4", 0777) = 0 [ 32.960215][ T517] F2FS-fs (loop3): Found nat_bits in checkpoint [ 32.992189][ T521] loop2: detected capacity change from 0 to 40427 [pid 521] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 524] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 519] <... write resumed>) = 20699119 [pid 519] munmap(0x7fc71771c000, 138412032) = 0 [pid 519] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 33.006079][ T521] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 33.024096][ T521] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 33.036758][ T517] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 33.045472][ T521] F2FS-fs (loop2): fault_injection options not supported [ 33.048850][ T519] loop4: detected capacity change from 0 to 40427 [pid 519] ioctl(4, LOOP_SET_FD, 3 [pid 517] <... mount resumed>) = 0 [pid 517] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 517] chdir("./file4") = 0 [pid 517] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 517] ioctl(4, LOOP_CLR_FD) = 0 [pid 517] close(4) = 0 [pid 517] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 516] <... futex resumed>) = 0 [pid 516] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 517] fspick(AT_FDCWD, ".", 0) = 4 [pid 517] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 516] <... futex resumed>) = 0 [pid 517] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 516] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 517] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 517] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 519] <... ioctl resumed>) = 0 [pid 519] close(3 [pid 517] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 519] <... close resumed>) = 0 [pid 517] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 519] close(4 [pid 517] <... futex resumed>) = 1 [pid 516] <... futex resumed>) = 0 [pid 516] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... close resumed>) = 0 [pid 517] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 519] mkdir("./file4", 0777) = 0 [ 33.052963][ T517] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 33.067468][ T521] F2FS-fs (loop2): fault_type options not supported [ 33.075215][ T521] F2FS-fs (loop2): invalid crc value [ 33.092581][ T517] F2FS-fs (loop3): switch discard_unit option is not allowed [ 33.101516][ T521] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 519] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 517] <... open resumed>) = 5 [pid 517] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 516] <... futex resumed>) = 0 [pid 517] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 516] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 516] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 517] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 517] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 516] <... futex resumed>) = 0 [pid 516] close(3) = 0 [pid 516] close(4) = 0 [pid 516] close(5) = 0 [pid 516] close(6) = -1 EBADF (Bad file descriptor) [pid 516] close(7) = -1 EBADF (Bad file descriptor) [pid 516] close(8) = -1 EBADF (Bad file descriptor) [pid 516] close(9) = -1 EBADF (Bad file descriptor) [pid 516] close(10) = -1 EBADF (Bad file descriptor) [pid 516] close(11) = -1 EBADF (Bad file descriptor) [pid 516] close(12) = -1 EBADF (Bad file descriptor) [pid 516] close(13) = -1 EBADF (Bad file descriptor) [pid 516] close(14) = -1 EBADF (Bad file descriptor) [pid 516] close(15) = -1 EBADF (Bad file descriptor) [pid 516] close(16) = -1 EBADF (Bad file descriptor) [pid 516] close(17) = -1 EBADF (Bad file descriptor) [pid 516] close(18) = -1 EBADF (Bad file descriptor) [pid 516] close(19) = -1 EBADF (Bad file descriptor) [pid 516] close(20) = -1 EBADF (Bad file descriptor) [pid 516] close(21) = -1 EBADF (Bad file descriptor) [pid 516] close(22) = -1 EBADF (Bad file descriptor) [pid 516] close(23) = -1 EBADF (Bad file descriptor) [pid 516] close(24) = -1 EBADF (Bad file descriptor) [pid 516] close(25) = -1 EBADF (Bad file descriptor) [pid 516] close(26) = -1 EBADF (Bad file descriptor) [pid 516] close(27) = -1 EBADF (Bad file descriptor) [pid 516] close(28) = -1 EBADF (Bad file descriptor) [pid 516] close(29) = -1 EBADF (Bad file descriptor) [pid 516] exit_group(0) = ? [pid 517] +++ exited with 0 +++ [pid 516] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [pid 298] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 33.111051][ T519] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 33.129223][ T519] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 298] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 525] <... write resumed>) = 20699119 [pid 525] munmap(0x7fc71771c000, 138412032) = 0 [pid 525] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 525] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 525] close(3) = 0 [pid 525] close(4) = 0 [pid 525] mkdir("./file4", 0777) = 0 [ 33.159539][ T519] F2FS-fs (loop4): fault_injection options not supported [ 33.178511][ T519] F2FS-fs (loop4): fault_type options not supported [ 33.191850][ T525] loop1: detected capacity change from 0 to 40427 [ 33.196568][ T519] F2FS-fs (loop4): invalid crc value [ 33.210372][ T525] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 33.230530][ T525] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 33.240875][ T521] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 33.241309][ T519] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 525] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 524] <... write resumed>) = 20699119 [pid 524] munmap(0x7fc71771c000, 138412032) = 0 [pid 524] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 524] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 524] close(3) = 0 [pid 524] close(4) = 0 [pid 524] mkdir("./file4", 0777) = 0 [pid 524] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 521] <... mount resumed>) = 0 [pid 521] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 521] chdir("./file4") = 0 [pid 521] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 521] ioctl(4, LOOP_CLR_FD) = 0 [pid 521] close(4) = 0 [ 33.248105][ T521] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 33.266072][ T524] loop0: detected capacity change from 0 to 40427 [ 33.272741][ T525] F2FS-fs (loop1): fault_injection options not supported [ 33.282459][ T525] F2FS-fs (loop1): fault_type options not supported [ 33.289482][ T524] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 521] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 521] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 520] <... futex resumed>) = 0 [pid 298] <... umount2 resumed>) = 0 [pid 520] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 520] <... futex resumed>) = 1 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 521] <... futex resumed>) = 0 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 521] fspick(AT_FDCWD, ".", 0) = 4 [pid 521] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 521] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 520] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] newfstatat(AT_FDCWD, "./7/file4", [pid 520] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 521] <... futex resumed>) = 0 [pid 520] <... futex resumed>) = 1 [pid 521] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... mount resumed>) = 0 [pid 298] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./7/file4") = 0 [pid 298] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./7/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./7") = 0 [pid 298] mkdir("./8", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 33.314438][ T525] F2FS-fs (loop1): invalid crc value [ 33.321373][ T524] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 33.330280][ T524] F2FS-fs (loop0): fault_injection options not supported [ 33.334030][ T519] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 33.339388][ T524] F2FS-fs (loop0): fault_type options not supported [ 33.346718][ T519] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 18 [pid 519] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 519] chdir("./file4") = 0 [pid 519] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 519] ioctl(4, LOOP_CLR_FD) = 0 [pid 519] close(4) = 0 [pid 519] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 518] <... futex resumed>) = 0 [pid 518] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... futex resumed>) = 1 [pid 519] fspick(AT_FDCWD, ".", 0) = 4 [pid 519] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 518] <... futex resumed>) = 0 [pid 518] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... futex resumed>) = 1 [pid 519] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 519] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 518] <... futex resumed>) = 0 [pid 518] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... futex resumed>) = 1 [pid 519] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 519] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 518] <... futex resumed>) = 0 [pid 518] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 518] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 519] <... futex resumed>) = 1 [pid 519] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 519] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 518] <... futex resumed>) = 0 [pid 518] close(3) = 0 [pid 518] close(4) = 0 [pid 518] close(5) = 0 [pid 518] close(6) = -1 EBADF (Bad file descriptor) [pid 518] close(7) = -1 EBADF (Bad file descriptor) [pid 518] close(8) = -1 EBADF (Bad file descriptor) [pid 518] close(9) = -1 EBADF (Bad file descriptor) [pid 518] close(10) = -1 EBADF (Bad file descriptor) [pid 518] close(11) = -1 EBADF (Bad file descriptor) [pid 518] close(12) = -1 EBADF (Bad file descriptor) [pid 518] close(13) = -1 EBADF (Bad file descriptor) [pid 518] close(14) = -1 EBADF (Bad file descriptor) [pid 518] close(15) = -1 EBADF (Bad file descriptor) [pid 518] close(16) = -1 EBADF (Bad file descriptor) [pid 518] close(17) = -1 EBADF (Bad file descriptor) [pid 518] close(18) = -1 EBADF (Bad file descriptor) [pid 518] close(19./strace-static-x86_64: Process 541 attached ) = -1 EBADF (Bad file descriptor) [pid 518] close(20) = -1 EBADF (Bad file descriptor) [pid 518] close(21) = -1 EBADF (Bad file descriptor) [pid 518] close(22) = -1 EBADF (Bad file descriptor) [pid 518] close(23) = -1 EBADF (Bad file descriptor) [pid 518] close(24) = -1 EBADF (Bad file descriptor) [pid 518] close(25) = -1 EBADF (Bad file descriptor) [pid 518] close(26) = -1 EBADF (Bad file descriptor) [pid 518] close(27) = -1 EBADF (Bad file descriptor) [pid 518] close(28) = -1 EBADF (Bad file descriptor) [pid 518] close(29) = -1 EBADF (Bad file descriptor) [pid 518] exit_group(0) = ? [pid 519] <... futex resumed>) = ? [pid 519] +++ exited with 0 +++ [pid 518] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 521] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 521] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 520] <... futex resumed>) = 0 [pid 520] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 541] set_robust_list(0x5555875796a0, 24) = 0 [pid 520] <... futex resumed>) = 0 [pid 541] chdir("./8") = 0 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 541] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 541] setpgid(0, 0) = 0 [pid 521] <... futex resumed>) = 1 [pid 541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 541] write(3, "1000", 4) = 4 [pid 541] close(3) = 0 [pid 541] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 521] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 541] write(1, "executing program\n", 18) = 18 [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 541] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 541] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 541] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 541] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 541] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 541] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[19]}, 88) = 19 [pid 541] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 541] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 521] <... open resumed>) = 5 [pid 521] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 520] <... futex resumed>) = 0 [pid 520] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 520] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 521] <... futex resumed>) = 1 [pid 521] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 521] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 520] <... futex resumed>) = 0 [pid 520] close(3) = 0 [pid 520] close(4) = 0 [pid 520] close(5) = 0 [pid 520] close(6) = -1 EBADF (Bad file descriptor) [pid 520] close(7) = -1 EBADF (Bad file descriptor) [pid 520] close(8) = -1 EBADF (Bad file descriptor) [pid 520] close(9) = -1 EBADF (Bad file descriptor) [pid 520] close(10) = -1 EBADF (Bad file descriptor) [pid 520] close(11) = -1 EBADF (Bad file descriptor) [pid 520] close(12) = -1 EBADF (Bad file descriptor) [pid 520] close(13) = -1 EBADF (Bad file descriptor) [pid 520] close(14) = -1 EBADF (Bad file descriptor) [pid 520] close(15) = -1 EBADF (Bad file descriptor) [pid 520] close(16) = -1 EBADF (Bad file descriptor) [pid 520] close(17) = -1 EBADF (Bad file descriptor) [pid 520] close(18) = -1 EBADF (Bad file descriptor) [pid 520] close(19) = -1 EBADF (Bad file descriptor) ./strace-static-x86_64: Process 544 attached [pid 520] close(20) = -1 EBADF (Bad file descriptor) [pid 520] close(21) = -1 EBADF (Bad file descriptor) [pid 520] close(22) = -1 EBADF (Bad file descriptor) [pid 520] close(23) = -1 EBADF (Bad file descriptor) [pid 520] close(24) = -1 EBADF (Bad file descriptor) [pid 520] close(25) = -1 EBADF (Bad file descriptor) [pid 520] close(26) = -1 EBADF (Bad file descriptor) [pid 520] close(27) = -1 EBADF (Bad file descriptor) [pid 520] close(28) = -1 EBADF (Bad file descriptor) [pid 520] close(29) = -1 EBADF (Bad file descriptor) [pid 520] exit_group(0) = ? [pid 521] <... futex resumed>) = ? [pid 521] +++ exited with 0 +++ [pid 520] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=6, si_stime=24} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 544] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [ 33.354318][ T521] F2FS-fs (loop2): switch discard_unit option is not allowed [ 33.371051][ T525] F2FS-fs (loop1): Found nat_bits in checkpoint [ 33.372029][ T519] F2FS-fs (loop4): switch discard_unit option is not allowed [ 33.396080][ T524] F2FS-fs (loop0): invalid crc value [pid 544] rt_sigprocmask(SIG_SETMASK, [], [pid 293] <... restart_syscall resumed>) = 0 [pid 544] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 544] memfd_create("syzkaller", 0) = 3 [pid 293] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 544] <... mmap resumed>) = 0x7fc71771c000 [pid 293] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 33.426668][ T524] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 544] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 525] <... mount resumed>) = 0 [pid 525] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 525] chdir("./file4") = 0 [pid 525] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 525] ioctl(4, LOOP_CLR_FD) = 0 [pid 525] close(4) = 0 [pid 525] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 525] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 525] <... futex resumed>) = 0 [pid 525] fspick(AT_FDCWD, ".", 0) = 4 [pid 525] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 33.487987][ T525] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 33.518973][ T525] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 525] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 525] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 525] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 525] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 523] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 523] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 525] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 525] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 523] <... futex resumed>) = 0 [pid 523] close(3) = 0 [pid 523] close(4) = 0 [pid 523] close(5) = 0 [pid 523] close(6) = -1 EBADF (Bad file descriptor) [pid 523] close(7) = -1 EBADF (Bad file descriptor) [pid 523] close(8) = -1 EBADF (Bad file descriptor) [pid 523] close(9) = -1 EBADF (Bad file descriptor) [pid 523] close(10) = -1 EBADF (Bad file descriptor) [pid 523] close(11) = -1 EBADF (Bad file descriptor) [pid 523] close(12) = -1 EBADF (Bad file descriptor) [pid 523] close(13) = -1 EBADF (Bad file descriptor) [pid 523] close(14) = -1 EBADF (Bad file descriptor) [pid 523] close(15) = -1 EBADF (Bad file descriptor) [pid 523] close(16) = -1 EBADF (Bad file descriptor) [pid 523] close(17) = -1 EBADF (Bad file descriptor) [pid 523] close(18) = -1 EBADF (Bad file descriptor) [pid 523] close(19) = -1 EBADF (Bad file descriptor) [pid 523] close(20) = -1 EBADF (Bad file descriptor) [pid 523] close(21) = -1 EBADF (Bad file descriptor) [pid 523] close(22) = -1 EBADF (Bad file descriptor) [pid 523] close(23) = -1 EBADF (Bad file descriptor) [pid 523] close(24) = -1 EBADF (Bad file descriptor) [pid 523] close(25) = -1 EBADF (Bad file descriptor) [pid 523] close(26) = -1 EBADF (Bad file descriptor) [pid 523] close(27 [pid 525] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 523] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 523] close(28) = -1 EBADF (Bad file descriptor) [pid 523] close(29) = -1 EBADF (Bad file descriptor) [pid 523] exit_group(0) = ? [pid 525] <... futex resumed>) = ? [pid 525] +++ exited with 0 +++ [pid 523] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=8, si_stime=9} --- [ 33.557603][ T525] F2FS-fs (loop1): switch discard_unit option is not allowed [ 33.582571][ T524] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 524] <... mount resumed>) = 0 [pid 524] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 524] chdir("./file4") = 0 [pid 524] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 524] ioctl(4, LOOP_CLR_FD) = 0 [pid 524] close(4) = 0 [pid 524] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 522] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 1 [pid 524] fspick(AT_FDCWD, ".", 0) = 4 [pid 524] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 522] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 1 [pid 524] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 299] <... umount2 resumed>) = 0 [pid 524] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 299] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 524] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 522] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 1 [pid 524] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 524] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 522] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 522] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 524] <... futex resumed>) = 1 [pid 524] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 524] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 522] <... futex resumed>) = 0 [pid 522] close(3) = 0 [pid 522] close(4) = 0 [pid 522] close(5) = 0 [pid 522] close(6) = -1 EBADF (Bad file descriptor) [pid 522] close(7) = -1 EBADF (Bad file descriptor) [pid 522] close(8) = -1 EBADF (Bad file descriptor) [pid 522] close(9) = -1 EBADF (Bad file descriptor) [pid 522] close(10) = -1 EBADF (Bad file descriptor) [pid 522] close(11) = -1 EBADF (Bad file descriptor) [pid 522] close(12) = -1 EBADF (Bad file descriptor) [pid 522] close(13) = -1 EBADF (Bad file descriptor) [pid 522] close(14) = -1 EBADF (Bad file descriptor) [pid 522] close(15) = -1 EBADF (Bad file descriptor) [pid 522] close(16) = -1 EBADF (Bad file descriptor) [pid 522] close(17) = -1 EBADF (Bad file descriptor) [pid 522] close(18) = -1 EBADF (Bad file descriptor) [pid 522] close(19) = -1 EBADF (Bad file descriptor) [pid 522] close(20) = -1 EBADF (Bad file descriptor) [pid 522] close(21) = -1 EBADF (Bad file descriptor) [pid 522] close(22) = -1 EBADF (Bad file descriptor) [pid 522] close(23) = -1 EBADF (Bad file descriptor) [pid 522] close(24) = -1 EBADF (Bad file descriptor) [pid 522] close(25 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 522] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 299] newfstatat(AT_FDCWD, "./7/file4", [pid 522] close(26) = -1 EBADF (Bad file descriptor) [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 522] close(27 [pid 299] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 522] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 522] close(28) = -1 EBADF (Bad file descriptor) [pid 522] close(29) = -1 EBADF (Bad file descriptor) [pid 522] exit_group(0) = ? [pid 524] <... futex resumed>) = ? [pid 524] +++ exited with 0 +++ [pid 522] +++ exited with 0 +++ [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=16, si_uid=0, si_status=0, si_utime=3, si_stime=19} --- [pid 299] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 299] <... openat resumed>) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./7/file4") = 0 [pid 299] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./7/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./7") = 0 [pid 299] mkdir("./8", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [ 33.606712][ T524] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 33.642508][ T524] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] <... restart_syscall resumed>) = 0 [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 18 [pid 294] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 548 attached [pid 544] <... write resumed>) = 20699119 [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 548] set_robust_list(0x5555875796a0, 24 [pid 544] munmap(0x7fc71771c000, 138412032 [pid 548] <... set_robust_list resumed>) = 0 [pid 548] chdir("./8" [pid 544] <... munmap resumed>) = 0 [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 548] <... chdir resumed>) = 0 [pid 544] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 548] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 548] <... prctl resumed>) = 0 [pid 544] <... openat resumed>) = 4 [pid 293] newfstatat(AT_FDCWD, "./7/file4", [pid 548] setpgid(0, 0 [pid 544] ioctl(4, LOOP_SET_FD, 3 [pid 548] <... setpgid resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 548] <... openat resumed>) = 3 [pid 293] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 548] write(3, "1000", 4) = 4 [pid 293] <... openat resumed>) = 4 [pid 548] close(3 [pid 293] newfstatat(4, "", [pid 548] <... close resumed>) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 548] symlink("/dev/binderfs", "./binderfs" [pid 293] getdents64(4, [pid 548] <... symlink resumed>) = 0 [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 executing program [pid 548] write(1, "executing program\n", 18 [pid 544] <... ioctl resumed>) = 0 [pid 293] getdents64(4, [pid 548] <... write resumed>) = 18 [pid 544] close(3 [pid 293] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 544] <... close resumed>) = 0 [pid 293] close(4 [pid 548] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 544] close(4 [pid 548] <... rt_sigaction resumed>NULL, 8) = 0 [pid 293] <... close resumed>) = 0 [pid 548] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 293] rmdir("./7/file4" [pid 548] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 544] <... close resumed>) = 0 [pid 548] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 544] mkdir("./file4", 0777 [pid 293] <... rmdir resumed>) = 0 [pid 548] <... mmap resumed>) = 0x7fc71fb1c000 [pid 293] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 548] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 544] <... mkdir resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 548] <... mprotect resumed>) = 0 [pid 544] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] newfstatat(AT_FDCWD, "./7/binderfs", [pid 548] rt_sigprocmask(SIG_BLOCK, ~[], [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 548] <... rt_sigprocmask resumed>[], 8) = 0 [pid 293] unlink("./7/binderfs") = 0 [pid 548] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 548] <... clone3 resumed> => {parent_tid=[19]}, 88) = 19 [pid 293] close(3 [pid 548] rt_sigprocmask(SIG_SETMASK, [], [pid 293] <... close resumed>) = 0 [pid 548] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 548] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] rmdir("./7" [pid 548] <... futex resumed>) = 0 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 293] <... rmdir resumed>) = 0 [pid 293] mkdir("./8", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 18 ./strace-static-x86_64: Process 550 attached [pid 550] set_robust_list(0x5555875796a0, 24) = 0 [pid 550] chdir("./8") = 0 [pid 550] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 550] setpgid(0, 0) = 0 [pid 550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 550] write(3, "1000", 4) = 4 [pid 550] close(3) = 0 [pid 550] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 550] write(1, "executing program\n", 18) = 18 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 550] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 550] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 550] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 550] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 550] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 550] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[19]}, 88) = 19 [pid 550] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 33.715694][ T544] loop3: detected capacity change from 0 to 40427 [ 33.730069][ T544] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 33.748906][ T544] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 550] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 551 attached [pid 551] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 551] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 551] memfd_create("syzkaller", 0) = 3 [pid 551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 549 attached [pid 549] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 549] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 549] memfd_create("syzkaller", 0) = 3 [pid 549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 33.767877][ T544] F2FS-fs (loop3): fault_injection options not supported [ 33.800495][ T544] F2FS-fs (loop3): fault_type options not supported [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./7/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./7/file4") = 0 [pid 297] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./7/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./7") = 0 [pid 297] mkdir("./8", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 18 ./strace-static-x86_64: Process 554 attached [pid 554] set_robust_list(0x5555875796a0, 24) = 0 [pid 554] chdir("./8") = 0 [pid 554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 554] setpgid(0, 0) = 0 [pid 554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 554] write(3, "1000", 4) = 4 [pid 554] close(3) = 0 [pid 554] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 554] write(1, "executing program\n", 18) = 18 [ 33.822575][ T544] F2FS-fs (loop3): invalid crc value [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 554] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 554] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 554] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 554] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 554] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 554] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[19]}, 88) = 19 [pid 554] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 554] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 556 attached [pid 556] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 556] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 556] memfd_create("syzkaller", 0) = 3 [pid 556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 294] <... umount2 resumed>) = 0 [ 33.867945][ T544] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./7/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./7/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./7/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./7/file4") = 0 [pid 294] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./7/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./7") = 0 [pid 294] mkdir("./8", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 18 ./strace-static-x86_64: Process 557 attached [pid 557] set_robust_list(0x5555875796a0, 24) = 0 [pid 557] chdir("./8") = 0 [pid 557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 557] setpgid(0, 0) = 0 [pid 557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 557] write(3, "1000", 4) = 4 [pid 557] close(3) = 0 [pid 557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 557] write(1, "executing program\n", 18executing program ) = 18 [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 557] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 557] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 557] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 557] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 557] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 557] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[19]}, 88) = 19 [pid 557] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 557] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 559 attached [pid 559] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 559] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 559] memfd_create("syzkaller", 0) = 3 [pid 559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 544] <... mount resumed>) = 0 [pid 551] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 544] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 544] chdir("./file4") = 0 [pid 544] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 544] ioctl(4, LOOP_CLR_FD) = 0 [pid 544] close(4) = 0 [pid 544] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 541] <... futex resumed>) = 0 [pid 544] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 541] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 541] <... futex resumed>) = 0 [pid 544] fspick(AT_FDCWD, ".", 0 [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... fspick resumed>) = 4 [pid 544] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 541] <... futex resumed>) = 0 [pid 544] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 541] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 541] <... futex resumed>) = 0 [pid 544] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 33.969856][ T544] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 34.000058][ T544] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 549] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 544] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 541] <... futex resumed>) = 0 [pid 544] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 541] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 541] <... futex resumed>) = 0 [pid 544] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... open resumed>) = 5 [pid 544] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 541] <... futex resumed>) = 0 [pid 544] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 541] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 544] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 541] <... futex resumed>) = 0 [pid 544] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 541] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 544] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 544] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 541] <... futex resumed>) = 0 [pid 544] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 541] close(3) = 0 [pid 541] close(4) = 0 [pid 541] close(5) = 0 [pid 541] close(6) = -1 EBADF (Bad file descriptor) [pid 541] close(7) = -1 EBADF (Bad file descriptor) [pid 541] close(8) = -1 EBADF (Bad file descriptor) [pid 541] close(9) = -1 EBADF (Bad file descriptor) [pid 541] close(10) = -1 EBADF (Bad file descriptor) [pid 541] close(11) = -1 EBADF (Bad file descriptor) [pid 541] close(12) = -1 EBADF (Bad file descriptor) [pid 541] close(13) = -1 EBADF (Bad file descriptor) [pid 541] close(14) = -1 EBADF (Bad file descriptor) [pid 541] close(15) = -1 EBADF (Bad file descriptor) [pid 541] close(16) = -1 EBADF (Bad file descriptor) [pid 541] close(17) = -1 EBADF (Bad file descriptor) [pid 541] close(18) = -1 EBADF (Bad file descriptor) [pid 541] close(19) = -1 EBADF (Bad file descriptor) [pid 541] close(20) = -1 EBADF (Bad file descriptor) [pid 541] close(21) = -1 EBADF (Bad file descriptor) [pid 541] close(22) = -1 EBADF (Bad file descriptor) [pid 541] close(23) = -1 EBADF (Bad file descriptor) [pid 541] close(24) = -1 EBADF (Bad file descriptor) [pid 541] close(25) = -1 EBADF (Bad file descriptor) [pid 541] close(26) = -1 EBADF (Bad file descriptor) [pid 541] close(27) = -1 EBADF (Bad file descriptor) [pid 541] close(28) = -1 EBADF (Bad file descriptor) [pid 541] close(29) = -1 EBADF (Bad file descriptor) [pid 541] exit_group(0 [pid 544] <... futex resumed>) = ? [pid 541] <... exit_group resumed>) = ? [pid 544] +++ exited with 0 +++ [pid 541] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=6, si_stime=14} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 34.041838][ T544] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 556] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 551] <... write resumed>) = 20699119 [pid 551] munmap(0x7fc71771c000, 138412032) = 0 [pid 551] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 551] close(3) = 0 [pid 551] close(4) = 0 [pid 551] mkdir("./file4", 0777) = 0 [ 34.157266][ T551] loop2: detected capacity change from 0 to 40427 [ 34.175307][ T551] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 34.187118][ T551] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 34.206211][ T551] F2FS-fs (loop2): fault_injection options not supported [ 34.220334][ T551] F2FS-fs (loop2): fault_type options not supported [pid 551] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 556] <... write resumed>) = 20699119 [pid 556] munmap(0x7fc71771c000, 138412032) = 0 [pid 556] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 556] ioctl(4, LOOP_SET_FD, 3 [pid 559] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 556] <... ioctl resumed>) = 0 [pid 549] <... write resumed>) = 20699119 [pid 556] close(3 [pid 549] munmap(0x7fc71771c000, 138412032 [pid 556] <... close resumed>) = 0 [pid 556] close(4 [pid 549] <... munmap resumed>) = 0 [pid 556] <... close resumed>) = 0 [pid 549] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 556] mkdir("./file4", 0777 [pid 549] <... openat resumed>) = 4 [pid 556] <... mkdir resumed>) = 0 [ 34.248848][ T551] F2FS-fs (loop2): invalid crc value [ 34.260710][ T556] loop1: detected capacity change from 0 to 40427 [ 34.284246][ T549] loop4: detected capacity change from 0 to 40427 [ 34.291103][ T556] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [pid 549] ioctl(4, LOOP_SET_FD, 3 [pid 556] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 549] <... ioctl resumed>) = 0 [pid 298] <... umount2 resumed>) = 0 [pid 549] close(3 [pid 298] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 549] <... close resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 549] close(4 [pid 298] newfstatat(AT_FDCWD, "./8/file4", [pid 549] <... close resumed>) = 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 549] mkdir("./file4", 0777 [pid 298] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 549] <... mkdir resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 549] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./8/file4") = 0 [pid 298] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./8/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./8") = 0 [pid 298] mkdir("./9", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 20 [ 34.298170][ T556] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 34.300747][ T551] F2FS-fs (loop2): Found nat_bits in checkpoint [ 34.308050][ T556] F2FS-fs (loop1): fault_injection options not supported [ 34.320844][ T556] F2FS-fs (loop1): fault_type options not supported [ 34.328504][ T549] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 34.337228][ T556] F2FS-fs (loop1): invalid crc value ./strace-static-x86_64: Process 563 attached [pid 563] set_robust_list(0x5555875796a0, 24) = 0 [pid 563] chdir("./9") = 0 [pid 563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 563] setpgid(0, 0) = 0 executing program [pid 563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 563] write(3, "1000", 4) = 4 [pid 563] close(3) = 0 [pid 563] symlink("/dev/binderfs", "./binderfs") = 0 [pid 563] write(1, "executing program\n", 18) = 18 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 563] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 563] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 563] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 563] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 563] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[21]}, 88) = 21 [pid 563] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 563] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 566 attached [pid 566] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 566] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 566] memfd_create("syzkaller", 0) = 3 [pid 566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 34.350469][ T549] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 34.360073][ T549] F2FS-fs (loop4): fault_injection options not supported [ 34.369001][ T556] F2FS-fs (loop1): Found nat_bits in checkpoint [ 34.380718][ T549] F2FS-fs (loop4): fault_type options not supported [ 34.398897][ T549] F2FS-fs (loop4): invalid crc value [ 34.420473][ T551] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 34.421125][ T549] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.438570][ T551] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 551] <... mount resumed>) = 0 [pid 551] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 551] chdir("./file4") = 0 [pid 551] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 551] ioctl(4, LOOP_CLR_FD) = 0 [pid 551] close(4) = 0 [pid 551] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 551] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 550] <... futex resumed>) = 0 [pid 550] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 551] <... futex resumed>) = 0 [pid 551] fspick(AT_FDCWD, ".", 0) = 4 [pid 551] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 550] <... futex resumed>) = 0 [pid 550] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 551] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 550] <... futex resumed>) = 0 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 556] <... mount resumed>) = 0 [pid 551] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 551] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 556] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 551] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 550] <... futex resumed>) = 0 [pid 559] <... write resumed>) = 20699119 [pid 559] munmap(0x7fc71771c000, 138412032) = 0 [pid 559] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 34.438787][ T556] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 34.464091][ T556] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 34.481625][ T551] F2FS-fs (loop2): switch discard_unit option is not allowed [ 34.488832][ T549] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 559] ioctl(4, LOOP_SET_FD, 3 [pid 556] <... openat resumed>) = 3 [pid 550] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 549] <... mount resumed>) = 0 [pid 556] chdir("./file4" [pid 551] <... futex resumed>) = 0 [pid 550] <... futex resumed>) = 1 [pid 549] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 556] <... chdir resumed>) = 0 [pid 551] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 549] <... openat resumed>) = 3 [pid 556] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 551] <... open resumed>) = 5 [pid 549] chdir("./file4" [pid 556] <... openat resumed>) = 4 [pid 551] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 549] <... chdir resumed>) = 0 [pid 556] ioctl(4, LOOP_CLR_FD [pid 551] <... futex resumed>) = 1 [pid 550] <... futex resumed>) = 0 [pid 549] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 556] <... ioctl resumed>) = 0 [pid 551] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 550] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] close(4 [pid 551] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 550] <... futex resumed>) = 0 [pid 549] <... openat resumed>) = 4 [pid 556] <... close resumed>) = 0 [pid 551] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 551] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 551] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 559] <... ioctl resumed>) = 0 [pid 559] close(3) = 0 [pid 559] close(4) = 0 [pid 556] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 549] ioctl(4, LOOP_CLR_FD [pid 556] <... futex resumed>) = 1 [pid 554] <... futex resumed>) = 0 [pid 550] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 549] <... ioctl resumed>) = 0 [pid 556] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 554] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] close(3 [pid 549] close(4 [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 554] <... futex resumed>) = 0 [pid 550] <... close resumed>) = 0 [pid 549] <... close resumed>) = 0 [pid 556] fspick(AT_FDCWD, ".", 0 [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 550] close(4 [pid 549] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... fspick resumed>) = 4 [pid 549] <... futex resumed>) = 1 [pid 548] <... futex resumed>) = 0 [pid 556] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] <... close resumed>) = 0 [pid 549] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 548] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 1 [pid 554] <... futex resumed>) = 0 [pid 550] close(5 [pid 549] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 548] <... futex resumed>) = 0 [pid 556] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 554] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] <... close resumed>) = 0 [pid 549] fspick(AT_FDCWD, ".", 0 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 556] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 554] <... futex resumed>) = 0 [pid 550] close(6 [pid 556] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 549] <... fspick resumed>) = 4 [pid 559] mkdir("./file4", 0777) = 0 [pid 559] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 550] close(7 [pid 549] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 549] <... futex resumed>) = 1 [pid 550] close(8 [pid 548] <... futex resumed>) = 0 [pid 549] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] close(9 [pid 549] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 548] <... futex resumed>) = 0 [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 549] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 550] close(10) = -1 EBADF (Bad file descriptor) [pid 550] close(11) = -1 EBADF (Bad file descriptor) [pid 550] close(12) = -1 EBADF (Bad file descriptor) [pid 550] close(13) = -1 EBADF (Bad file descriptor) [pid 550] close(14) = -1 EBADF (Bad file descriptor) [pid 550] close(15) = -1 EBADF (Bad file descriptor) [pid 550] close(16) = -1 EBADF (Bad file descriptor) [pid 550] close(17) = -1 EBADF (Bad file descriptor) [pid 550] close(18) = -1 EBADF (Bad file descriptor) [pid 550] close(19) = -1 EBADF (Bad file descriptor) [pid 550] close(20) = -1 EBADF (Bad file descriptor) [pid 550] close(21) = -1 EBADF (Bad file descriptor) [pid 550] close(22) = -1 EBADF (Bad file descriptor) [pid 550] close(23) = -1 EBADF (Bad file descriptor) [ 34.496942][ T549] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 34.501100][ T559] loop0: detected capacity change from 0 to 40427 [ 34.524403][ T556] F2FS-fs (loop1): switch discard_unit option is not allowed [ 34.532781][ T549] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 550] close(24) = -1 EBADF (Bad file descriptor) [pid 550] close(25) = -1 EBADF (Bad file descriptor) [pid 550] close(26) = -1 EBADF (Bad file descriptor) [pid 550] close(27 [pid 556] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 556] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] close(28 [pid 549] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 554] <... futex resumed>) = 0 [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 556] <... futex resumed>) = 1 [pid 554] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] close(29 [pid 549] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 554] <... futex resumed>) = 0 [pid 550] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 550] exit_group(0 [pid 556] <... open resumed>) = 5 [pid 551] <... futex resumed>) = ? [pid 550] <... exit_group resumed>) = ? [pid 549] <... futex resumed>) = 1 [pid 548] <... futex resumed>) = 0 [pid 551] +++ exited with 0 +++ [pid 556] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 550] +++ exited with 0 +++ [pid 549] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 548] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 1 [pid 554] <... futex resumed>) = 0 [pid 548] <... futex resumed>) = 0 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 556] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 554] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 549] <... open resumed>) = 5 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 556] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 554] <... futex resumed>) = 0 [pid 549] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 548] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 556] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 554] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 549] <... futex resumed>) = 0 [pid 548] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 556] <... futex resumed>) = 0 [pid 554] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 549] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 548] <... futex resumed>) = 0 [pid 556] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 554] close(3 [pid 548] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 554] <... close resumed>) = 0 [pid 549] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 554] close(4 [pid 549] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 554] <... close resumed>) = 0 [pid 549] <... futex resumed>) = 1 [pid 548] <... futex resumed>) = 0 [pid 554] close(5 [pid 549] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 548] close(3 [pid 554] <... close resumed>) = 0 [pid 548] <... close resumed>) = 0 [pid 554] close(6) = -1 EBADF (Bad file descriptor) [pid 548] close(4 [pid 554] close(7) = -1 EBADF (Bad file descriptor) [pid 548] <... close resumed>) = 0 [pid 554] close(8 [pid 548] close(5 [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] <... close resumed>) = 0 [pid 554] close(9) = -1 EBADF (Bad file descriptor) [pid 548] close(6 [pid 554] close(10 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(7 [pid 554] close(11 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(8 [pid 554] close(12 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(9 [pid 554] close(13 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(10 [pid 554] close(14 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(11 [pid 554] close(15 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(12 [pid 554] close(16 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(13 [pid 554] close(17 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(14 [pid 554] close(18 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(15 [pid 554] close(19 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(16 [pid 554] close(20 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(17 [pid 554] close(21 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(18 [pid 554] close(22 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(19 [pid 554] close(23 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] close(24 [pid 548] close(20 [pid 293] <... restart_syscall resumed>) = 0 [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] close(25 [pid 548] close(21 [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] close(26 [pid 548] close(22 [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 554] close(27 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(23 [pid 293] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 554] close(28 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(24 [pid 293] <... openat resumed>) = 3 [pid 554] close(29 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] newfstatat(3, "", [pid 554] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(25 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 554] exit_group(0 [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 554] <... exit_group resumed>) = ? [pid 556] <... futex resumed>) = ? [pid 293] getdents64(3, [ 34.548013][ T559] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 548] close(26 [pid 566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 556] +++ exited with 0 +++ [pid 554] +++ exited with 0 +++ [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 548] close(27 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=5, si_stime=20} --- [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 548] close(28) = -1 EBADF (Bad file descriptor) [pid 297] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 548] close(29 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 548] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 548] exit_group(0 [pid 297] <... openat resumed>) = 3 [pid 549] <... futex resumed>) = ? [pid 548] <... exit_group resumed>) = ? [pid 297] newfstatat(3, "", [pid 549] +++ exited with 0 +++ [pid 548] +++ exited with 0 +++ [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 297] getdents64(3, [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 297] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... restart_syscall resumed>) = 0 [pid 299] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 34.587184][ T559] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 34.595976][ T559] F2FS-fs (loop0): fault_injection options not supported [ 34.614916][ T559] F2FS-fs (loop0): fault_type options not supported [ 34.652316][ T559] F2FS-fs (loop0): invalid crc value [pid 299] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 566] <... write resumed>) = 20699119 [pid 566] munmap(0x7fc71771c000, 138412032) = 0 [pid 566] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 34.683533][ T559] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 566] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 566] close(3) = 0 [pid 566] close(4) = 0 [pid 566] mkdir("./file4", 0777) = 0 [ 34.732337][ T566] loop3: detected capacity change from 0 to 40427 [ 34.761162][ T566] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 34.768512][ T566] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 566] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 559] <... mount resumed>) = 0 [pid 559] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 559] chdir("./file4") = 0 [pid 559] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 559] ioctl(4, LOOP_CLR_FD) = 0 [pid 559] close(4) = 0 [pid 559] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 557] <... futex resumed>) = 0 [pid 559] fspick(AT_FDCWD, ".", 0 [pid 557] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] <... fspick resumed>) = 4 [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 559] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 557] <... futex resumed>) = 0 [pid 557] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 557] <... futex resumed>) = 0 [pid 297] <... umount2 resumed>) = 0 [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = 0 [pid 299] <... umount2 resumed>) = 0 [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] newfstatat(4, "", [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, [pid 299] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] <... openat resumed>) = 4 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4 [pid 299] newfstatat(4, "", [pid 293] <... close resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] rmdir("./8/file4" [pid 299] getdents64(4, [pid 293] <... rmdir resumed>) = 0 [pid 299] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4 [pid 293] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... close resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] rmdir("./8/file4") = 0 [pid 293] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./8/binderfs" [pid 299] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... unlink resumed>) = 0 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] getdents64(3, [pid 299] unlink("./8/binderfs") = 0 [pid 293] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 299] getdents64(3, [pid 293] rmdir("./8" [pid 299] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] <... rmdir resumed>) = 0 [pid 299] close(3) = 0 [ 34.792569][ T559] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 34.799941][ T566] F2FS-fs (loop3): fault_injection options not supported [ 34.807178][ T559] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 34.815550][ T566] F2FS-fs (loop3): fault_type options not supported [ 34.831205][ T559] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 299] rmdir("./8") = 0 [pid 293] mkdir("./9", 0777) = 0 [pid 299] mkdir("./9", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 293] <... openat resumed>) = 3 [pid 299] <... openat resumed>) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] ioctl(3, LOOP_CLR_FD [pid 299] close(3 [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 559] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 559] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... close resumed>) = 0 [pid 297] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] close(3 [pid 559] <... futex resumed>) = 1 [pid 557] <... futex resumed>) = 0 [pid 559] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 557] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 559] <... open resumed>) = 5 [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... close resumed>) = 0 [pid 559] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 557] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 559] <... futex resumed>) = 0 [pid 557] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 559] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 557] <... futex resumed>) = 0 [pid 559] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 557] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 559] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 557] <... futex resumed>) = 0 [pid 559] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 557] close(3) = 0 [pid 557] close(4) = 0 [pid 557] close(5) = 0 [pid 557] close(6) = -1 EBADF (Bad file descriptor) [pid 557] close(7) = -1 EBADF (Bad file descriptor) [pid 557] close(8) = -1 EBADF (Bad file descriptor) [pid 557] close(9) = -1 EBADF (Bad file descriptor) [pid 557] close(10) = -1 EBADF (Bad file descriptor) [pid 557] close(11) = -1 EBADF (Bad file descriptor) [pid 557] close(12) = -1 EBADF (Bad file descriptor) [pid 557] close(13) = -1 EBADF (Bad file descriptor) [pid 557] close(14) = -1 EBADF (Bad file descriptor) [pid 557] close(15) = -1 EBADF (Bad file descriptor) [pid 557] close(16) = -1 EBADF (Bad file descriptor) [pid 557] close(17) = -1 EBADF (Bad file descriptor) [pid 557] close(18) = -1 EBADF (Bad file descriptor) [pid 557] close(19) = -1 EBADF (Bad file descriptor) [pid 557] close(20) = -1 EBADF (Bad file descriptor) [pid 557] close(21) = -1 EBADF (Bad file descriptor) [pid 557] close(22) = -1 EBADF (Bad file descriptor) [pid 557] close(23) = -1 EBADF (Bad file descriptor) [pid 557] close(24) = -1 EBADF (Bad file descriptor) [pid 557] close(25) = -1 EBADF (Bad file descriptor) [pid 557] close(26) = -1 EBADF (Bad file descriptor) [pid 557] close(27) = -1 EBADF (Bad file descriptor) [pid 557] close(28) = -1 EBADF (Bad file descriptor) [pid 557] close(29) = -1 EBADF (Bad file descriptor) [pid 557] exit_group(0 [pid 559] <... futex resumed>) = ? [pid 557] <... exit_group resumed>) = ? [pid 559] +++ exited with 0 +++ [pid 557] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=18, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 297] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./8/file4") = 0 [pid 293] <... clone resumed>, child_tidptr=0x555587579690) = 20 [pid 294] <... restart_syscall resumed>) = 0 [pid 294] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 20 [pid 297] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./8/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./8") = 0 [pid 297] mkdir("./9", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 582 attached ./strace-static-x86_64: Process 581 attached , child_tidptr=0x555587579690) = 20 [pid 581] set_robust_list(0x5555875796a0, 24 [pid 582] set_robust_list(0x5555875796a0, 24./strace-static-x86_64: Process 583 attached ) = 0 [pid 581] <... set_robust_list resumed>) = 0 [pid 582] chdir("./9" [pid 581] chdir("./9" [pid 583] set_robust_list(0x5555875796a0, 24 [pid 582] <... chdir resumed>) = 0 [pid 583] <... set_robust_list resumed>) = 0 [pid 582] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 581] <... chdir resumed>) = 0 [pid 582] <... prctl resumed>) = 0 [pid 581] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 583] chdir("./9" [pid 582] setpgid(0, 0 [pid 581] <... prctl resumed>) = 0 [pid 582] <... setpgid resumed>) = 0 [pid 581] setpgid(0, 0 [pid 583] <... chdir resumed>) = 0 [pid 583] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 581] <... setpgid resumed>) = 0 [pid 581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 582] <... openat resumed>) = 3 [pid 581] <... openat resumed>) = 3 [pid 582] write(3, "1000", 4 [pid 581] write(3, "1000", 4 [pid 583] <... prctl resumed>) = 0 [pid 582] <... write resumed>) = 4 [pid 582] close(3 [pid 581] <... write resumed>) = 4 [pid 583] setpgid(0, 0 [pid 581] close(3 [pid 582] <... close resumed>) = 0 [pid 583] <... setpgid resumed>) = 0 [pid 582] symlink("/dev/binderfs", "./binderfs" [pid 581] <... close resumed>) = 0 [pid 583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 582] <... symlink resumed>) = 0 [pid 581] symlink("/dev/binderfs", "./binderfs" [pid 583] <... openat resumed>) = 3 executing program [pid 582] write(1, "executing program\n", 18 [pid 581] <... symlink resumed>) = 0 [pid 583] write(3, "1000", 4 [pid 582] <... write resumed>) = 18 executing program [pid 581] write(1, "executing program\n", 18 [pid 583] <... write resumed>) = 4 [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] <... write resumed>) = 18 [pid 583] close(3 [pid 582] <... futex resumed>) = 0 [pid 583] <... close resumed>) = 0 [pid 582] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 583] symlink("/dev/binderfs", "./binderfs" [pid 582] <... rt_sigaction resumed>NULL, 8) = 0 [pid 581] <... futex resumed>) = 0 [pid 582] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 583] <... symlink resumed>) = 0 [pid 581] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, executing program [pid 583] write(1, "executing program\n", 18 [pid 582] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 581] <... rt_sigaction resumed>NULL, 8) = 0 [pid 583] <... write resumed>) = 18 [pid 582] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 581] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] <... mmap resumed>) = 0x7fc71fb1c000 [pid 581] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 583] <... futex resumed>) = 0 [pid 582] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 581] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 582] <... mprotect resumed>) = 0 [pid 581] <... mmap resumed>) = 0x7fc71fb1c000 [pid 583] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 582] rt_sigprocmask(SIG_BLOCK, ~[], [pid 581] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 583] <... rt_sigaction resumed>NULL, 8) = 0 [pid 582] <... rt_sigprocmask resumed>[], 8) = 0 [pid 583] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 581] <... mprotect resumed>) = 0 [pid 582] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 581] rt_sigprocmask(SIG_BLOCK, ~[], [pid 583] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 581] <... rt_sigprocmask resumed>[], 8) = 0 [pid 583] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 582] <... clone3 resumed> => {parent_tid=[21]}, 88) = 21 [pid 581] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 583] <... mmap resumed>) = 0x7fc71fb1c000 [pid 582] rt_sigprocmask(SIG_SETMASK, [], [pid 583] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 582] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 581] <... clone3 resumed> => {parent_tid=[21]}, 88) = 21 [pid 583] <... mprotect resumed>) = 0 [pid 582] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 581] rt_sigprocmask(SIG_SETMASK, [], [pid 583] rt_sigprocmask(SIG_BLOCK, ~[], [pid 582] <... futex resumed>) = 0 [pid 581] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 583] <... rt_sigprocmask resumed>[], 8) = 0 [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 581] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 583] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 583] <... clone3 resumed> => {parent_tid=[21]}, 88) = 21 [pid 583] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 583] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 586 attached [ 34.850478][ T566] F2FS-fs (loop3): invalid crc value [ 34.863732][ T566] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 586] set_robust_list(0x7fc71fb3c9a0, 24./strace-static-x86_64: Process 585 attached ./strace-static-x86_64: Process 584 attached ) = 0 [pid 586] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 586] memfd_create("syzkaller", 0 [pid 585] set_robust_list(0x7fc71fb3c9a0, 24 [pid 586] <... memfd_create resumed>) = 3 [pid 586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 585] <... set_robust_list resumed>) = 0 [pid 584] set_robust_list(0x7fc71fb3c9a0, 24 [pid 585] rt_sigprocmask(SIG_SETMASK, [], [pid 584] <... set_robust_list resumed>) = 0 [pid 585] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 584] rt_sigprocmask(SIG_SETMASK, [], [pid 585] memfd_create("syzkaller", 0 [pid 584] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 585] <... memfd_create resumed>) = 3 [pid 584] memfd_create("syzkaller", 0 [pid 585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 584] <... memfd_create resumed>) = 3 [pid 585] <... mmap resumed>) = 0x7fc71771c000 [pid 584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 566] <... mount resumed>) = 0 [pid 566] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 566] chdir("./file4") = 0 [pid 566] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 566] ioctl(4, LOOP_CLR_FD) = 0 [pid 566] close(4) = 0 [pid 566] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = 0 [pid 563] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 566] <... futex resumed>) = 1 [pid 566] fspick(AT_FDCWD, ".", 0) = 4 [pid 566] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = 0 [pid 563] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 566] <... futex resumed>) = 1 [ 34.934813][ T566] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 34.944736][ T566] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 566] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 566] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = 0 [pid 563] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 566] <... futex resumed>) = 1 [pid 566] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 566] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = 0 [pid 563] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 563] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 566] <... futex resumed>) = 1 [pid 566] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 566] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 563] <... futex resumed>) = 0 [pid 563] close(3) = 0 [pid 563] close(4) = 0 [pid 563] close(5) = 0 [pid 563] close(6) = -1 EBADF (Bad file descriptor) [pid 563] close(7) = -1 EBADF (Bad file descriptor) [pid 563] close(8) = -1 EBADF (Bad file descriptor) [pid 563] close(9) = -1 EBADF (Bad file descriptor) [pid 563] close(10) = -1 EBADF (Bad file descriptor) [pid 563] close(11) = -1 EBADF (Bad file descriptor) [pid 563] close(12) = -1 EBADF (Bad file descriptor) [pid 563] close(13) = -1 EBADF (Bad file descriptor) [pid 563] close(14) = -1 EBADF (Bad file descriptor) [pid 563] close(15) = -1 EBADF (Bad file descriptor) [pid 563] close(16) = -1 EBADF (Bad file descriptor) [pid 563] close(17) = -1 EBADF (Bad file descriptor) [pid 563] close(18) = -1 EBADF (Bad file descriptor) [pid 563] close(19) = -1 EBADF (Bad file descriptor) [pid 563] close(20) = -1 EBADF (Bad file descriptor) [pid 563] close(21) = -1 EBADF (Bad file descriptor) [pid 563] close(22) = -1 EBADF (Bad file descriptor) [pid 563] close(23) = -1 EBADF (Bad file descriptor) [pid 563] close(24) = -1 EBADF (Bad file descriptor) [pid 563] close(25) = -1 EBADF (Bad file descriptor) [pid 563] close(26) = -1 EBADF (Bad file descriptor) [pid 563] close(27) = -1 EBADF (Bad file descriptor) [pid 563] close(28) = -1 EBADF (Bad file descriptor) [pid 563] close(29) = -1 EBADF (Bad file descriptor) [pid 563] exit_group(0) = ? [pid 566] <... futex resumed>) = ? [pid 566] +++ exited with 0 +++ [pid 563] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 34.975002][ T566] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 586] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] newfstatat(AT_FDCWD, "./8/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./8/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./8/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./8/file4") = 0 [pid 294] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./8/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./8") = 0 [pid 294] mkdir("./9", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 20 ./strace-static-x86_64: Process 588 attached [pid 588] set_robust_list(0x5555875796a0, 24) = 0 [pid 584] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 588] chdir("./9") = 0 [pid 588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 588] setpgid(0, 0) = 0 [pid 588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 588] write(3, "1000", 4) = 4 [pid 588] close(3) = 0 [pid 588] symlink("/dev/binderfs", "./binderfs") = 0 [pid 588] write(1, "executing program\n", 18executing program ) = 18 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 588] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 588] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 588] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 588] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 588] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[21]}, 88) = 21 [pid 588] rt_sigprocmask(SIG_SETMASK, [], [pid 585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 588] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 588] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 589 attached [pid 589] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 589] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 589] memfd_create("syzkaller", 0) = 3 [pid 589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./9/file4") = 0 [pid 298] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./9/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./9") = 0 [pid 298] mkdir("./10", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 22 ./strace-static-x86_64: Process 590 attached [pid 590] set_robust_list(0x5555875796a0, 24) = 0 [pid 590] chdir("./10") = 0 [pid 590] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 590] setpgid(0, 0) = 0 [pid 590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 590] write(3, "1000", 4) = 4 [pid 590] close(3) = 0 [pid 590] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 590] write(1, "executing program\n", 18) = 18 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 590] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 590] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 590] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 590] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 590] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 590] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[23]}, 88) = 23 [pid 590] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 590] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 591 attached [pid 591] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 591] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 591] memfd_create("syzkaller", 0) = 3 [pid 591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 586] <... write resumed>) = 20699119 [pid 586] munmap(0x7fc71771c000, 138412032) = 0 [pid 586] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 586] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 586] close(3) = 0 [pid 586] close(4) = 0 [pid 586] mkdir("./file4", 0777) = 0 [ 35.277508][ T586] loop1: detected capacity change from 0 to 40427 [ 35.293751][ T586] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 35.309065][ T586] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 35.318519][ T586] F2FS-fs (loop1): fault_injection options not supported [ 35.326410][ T586] F2FS-fs (loop1): fault_type options not supported [ 35.341219][ T586] F2FS-fs (loop1): invalid crc value [pid 586] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 584] <... write resumed>) = 20699119 [pid 585] <... write resumed>) = 20699119 [pid 584] munmap(0x7fc71771c000, 138412032 [pid 585] munmap(0x7fc71771c000, 138412032 [pid 584] <... munmap resumed>) = 0 [pid 585] <... munmap resumed>) = 0 [pid 584] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 585] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 584] <... openat resumed>) = 4 [pid 585] ioctl(4, LOOP_SET_FD, 3 [pid 584] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 584] close(3) = 0 [pid 584] close(4) = 0 [pid 584] mkdir("./file4", 0777) = 0 [ 35.379669][ T586] F2FS-fs (loop1): Found nat_bits in checkpoint [ 35.403350][ T585] loop4: detected capacity change from 0 to 40427 [ 35.410351][ T584] loop2: detected capacity change from 0 to 40427 [ 35.421528][ T584] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 584] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 585] <... ioctl resumed>) = 0 [pid 585] close(3) = 0 [pid 585] close(4) = 0 [pid 585] mkdir("./file4", 0777) = 0 [pid 585] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 35.428645][ T584] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 35.445335][ T585] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 35.463724][ T585] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 35.473278][ T584] F2FS-fs (loop2): fault_injection options not supported [ 35.484128][ T586] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 35.490453][ T584] F2FS-fs (loop2): fault_type options not supported [ 35.499762][ T586] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 35.499772][ T585] F2FS-fs (loop4): fault_injection options not supported [ 35.515350][ T585] F2FS-fs (loop4): fault_type options not supported [pid 589] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 586] <... mount resumed>) = 0 [pid 586] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 586] chdir("./file4") = 0 [pid 586] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 586] ioctl(4, LOOP_CLR_FD) = 0 [pid 586] close(4 [pid 591] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 586] <... close resumed>) = 0 [pid 586] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 583] <... futex resumed>) = 0 [pid 586] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 586] <... futex resumed>) = 0 [pid 586] fspick(AT_FDCWD, ".", 0 [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... fspick resumed>) = 4 [pid 586] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 586] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 583] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 586] <... futex resumed>) = 0 [pid 583] <... futex resumed>) = 1 [pid 586] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 35.530630][ T584] F2FS-fs (loop2): invalid crc value [ 35.540934][ T585] F2FS-fs (loop4): invalid crc value [ 35.560398][ T584] F2FS-fs (loop2): Found nat_bits in checkpoint [ 35.560479][ T586] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 589] <... write resumed>) = 20699119 [ 35.577558][ T585] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 589] munmap(0x7fc71771c000, 138412032 [pid 586] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 586] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 589] <... munmap resumed>) = 0 [pid 583] <... futex resumed>) = 0 [pid 583] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 586] <... futex resumed>) = 0 [pid 583] <... futex resumed>) = 1 [pid 589] <... openat resumed>) = 4 [pid 586] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 589] ioctl(4, LOOP_SET_FD, 3 [pid 586] <... open resumed>) = 5 [pid 586] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 586] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] <... futex resumed>) = 0 [pid 583] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 583] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 586] <... futex resumed>) = 0 [pid 586] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 586] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 586] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 583] <... futex resumed>) = 0 [pid 583] close(3) = 0 [pid 583] close(4) = 0 [pid 583] close(5) = 0 [pid 583] close(6) = -1 EBADF (Bad file descriptor) [pid 583] close(7) = -1 EBADF (Bad file descriptor) [pid 583] close(8) = -1 EBADF (Bad file descriptor) [pid 583] close(9) = -1 EBADF (Bad file descriptor) [pid 583] close(10) = -1 EBADF (Bad file descriptor) [pid 583] close(11) = -1 EBADF (Bad file descriptor) [pid 583] close(12) = -1 EBADF (Bad file descriptor) [pid 583] close(13) = -1 EBADF (Bad file descriptor) [pid 583] close(14) = -1 EBADF (Bad file descriptor) [pid 583] close(15) = -1 EBADF (Bad file descriptor) [pid 583] close(16) = -1 EBADF (Bad file descriptor) [pid 583] close(17) = -1 EBADF (Bad file descriptor) [pid 583] close(18) = -1 EBADF (Bad file descriptor) [pid 583] close(19) = -1 EBADF (Bad file descriptor) [pid 583] close(20) = -1 EBADF (Bad file descriptor) [pid 583] close(21) = -1 EBADF (Bad file descriptor) [pid 583] close(22) = -1 EBADF (Bad file descriptor) [pid 583] close(23) = -1 EBADF (Bad file descriptor) [pid 583] close(24) = -1 EBADF (Bad file descriptor) [pid 583] close(25) = -1 EBADF (Bad file descriptor) [pid 583] close(26) = -1 EBADF (Bad file descriptor) [pid 583] close(27) = -1 EBADF (Bad file descriptor) [pid 583] close(28) = -1 EBADF (Bad file descriptor) [pid 583] close(29) = -1 EBADF (Bad file descriptor) [pid 583] exit_group(0 [pid 586] <... futex resumed>) = ? [pid 583] <... exit_group resumed>) = ? [pid 586] +++ exited with 0 +++ [pid 583] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 589] <... ioctl resumed>) = 0 [pid 589] close(3) = 0 [pid 589] close(4) = 0 [pid 589] mkdir("./file4", 0777 [pid 297] <... restart_syscall resumed>) = 0 [pid 589] <... mkdir resumed>) = 0 [pid 589] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 35.610469][ T589] loop0: detected capacity change from 0 to 40427 [ 35.631650][ T297] bio_check_eod: 12 callbacks suppressed [ 35.631669][ T297] syz-executor248: attempt to access beyond end of device [ 35.631669][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.631984][ T589] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 297] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 584] <... mount resumed>) = 0 [pid 584] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 584] chdir("./file4") = 0 [pid 584] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 35.661771][ T584] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 35.669007][ T584] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 35.684102][ T589] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 35.694831][ T585] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 35.702396][ T585] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 584] ioctl(4, LOOP_CLR_FD) = 0 [pid 584] close(4) = 0 [pid 584] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 582] <... futex resumed>) = 0 [pid 584] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 582] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 582] <... futex resumed>) = 0 [pid 584] fspick(AT_FDCWD, ".", 0 [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 584] <... fspick resumed>) = 4 [pid 584] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 582] <... futex resumed>) = 0 [pid 584] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 582] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 582] <... futex resumed>) = 0 [pid 584] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 585] <... mount resumed>) = 0 [pid 584] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 591] <... write resumed>) = 20699119 [pid 585] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 584] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 585] <... openat resumed>) = 3 [pid 584] <... futex resumed>) = 1 [pid 582] <... futex resumed>) = 0 [pid 585] chdir("./file4" [pid 591] munmap(0x7fc71771c000, 138412032 [pid 585] <... chdir resumed>) = 0 [pid 584] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 582] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 585] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 584] <... open resumed>) = 5 [pid 582] <... futex resumed>) = 0 [pid 585] <... openat resumed>) = 4 [pid 584] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 585] ioctl(4, LOOP_CLR_FD [pid 584] <... futex resumed>) = 0 [pid 585] <... ioctl resumed>) = 0 [pid 584] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 582] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 585] close(4 [pid 584] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 582] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 585] <... close resumed>) = 0 [pid 584] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 585] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 584] <... futex resumed>) = 0 [pid 582] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 591] <... munmap resumed>) = 0 [pid 585] <... futex resumed>) = 1 [pid 584] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 582] close(3 [pid 581] <... futex resumed>) = 0 [pid 585] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 582] <... close resumed>) = 0 [pid 581] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 585] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 582] close(4 [pid 581] <... futex resumed>) = 0 [pid 591] <... openat resumed>) = 4 [pid 585] fspick(AT_FDCWD, ".", 0 [pid 582] <... close resumed>) = 0 [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 585] <... fspick resumed>) = 4 [pid 591] ioctl(4, LOOP_SET_FD, 3 [ 35.711209][ T589] F2FS-fs (loop0): fault_injection options not supported [ 35.718959][ T589] F2FS-fs (loop0): fault_type options not supported [ 35.727876][ T584] F2FS-fs (loop2): switch discard_unit option is not allowed [ 35.741088][ T589] F2FS-fs (loop0): invalid crc value [pid 582] close(5) = 0 [pid 585] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 582] close(6) = -1 EBADF (Bad file descriptor) [pid 585] <... futex resumed>) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 585] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 582] close(7 [pid 581] <... futex resumed>) = 0 [pid 582] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 582] close(8) = -1 EBADF (Bad file descriptor) [pid 582] close(9) = -1 EBADF (Bad file descriptor) [pid 582] close(10) = -1 EBADF (Bad file descriptor) [pid 582] close(11) = -1 EBADF (Bad file descriptor) [pid 582] close(12) = -1 EBADF (Bad file descriptor) [pid 582] close(13) = -1 EBADF (Bad file descriptor) [pid 582] close(14) = -1 EBADF (Bad file descriptor) [pid 582] close(15) = -1 EBADF (Bad file descriptor) [pid 582] close(16) = -1 EBADF (Bad file descriptor) [pid 582] close(17) = -1 EBADF (Bad file descriptor) [pid 582] close(18) = -1 EBADF (Bad file descriptor) [pid 582] close(19) = -1 EBADF (Bad file descriptor) [pid 582] close(20) = -1 EBADF (Bad file descriptor) [pid 582] close(21) = -1 EBADF (Bad file descriptor) [pid 582] close(22) = -1 EBADF (Bad file descriptor) [pid 582] close(23) = -1 EBADF (Bad file descriptor) [pid 582] close(24) = -1 EBADF (Bad file descriptor) [pid 582] close(25) = -1 EBADF (Bad file descriptor) [pid 582] close(26) = -1 EBADF (Bad file descriptor) [pid 582] close(27) = -1 EBADF (Bad file descriptor) [pid 582] close(28) = -1 EBADF (Bad file descriptor) [pid 582] close(29) = -1 EBADF (Bad file descriptor) [pid 582] exit_group(0) = ? [pid 584] <... futex resumed>) = ? [pid 584] +++ exited with 0 +++ [pid 582] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=6, si_stime=13} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 591] <... ioctl resumed>) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 591] close(3 [pid 585] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 591] <... close resumed>) = 0 [pid 585] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 591] close(4 [pid 581] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 591] <... close resumed>) = 0 [pid 585] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 591] mkdir("./file4", 0777) = 0 [pid 585] <... open resumed>) = 5 [pid 591] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 585] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 581] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 585] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 585] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 581] <... futex resumed>) = 0 [pid 581] close(3 [pid 585] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 581] <... close resumed>) = 0 [pid 581] close(4) = 0 [pid 581] close(5) = 0 [pid 581] close(6) = -1 EBADF (Bad file descriptor) [pid 581] close(7) = -1 EBADF (Bad file descriptor) [pid 581] close(8) = -1 EBADF (Bad file descriptor) [pid 581] close(9) = -1 EBADF (Bad file descriptor) [pid 581] close(10) = -1 EBADF (Bad file descriptor) [pid 581] close(11) = -1 EBADF (Bad file descriptor) [pid 581] close(12) = -1 EBADF (Bad file descriptor) [pid 581] close(13) = -1 EBADF (Bad file descriptor) [pid 581] close(14) = -1 EBADF (Bad file descriptor) [pid 581] close(15) = -1 EBADF (Bad file descriptor) [pid 581] close(16) = -1 EBADF (Bad file descriptor) [pid 581] close(17) = -1 EBADF (Bad file descriptor) [pid 581] close(18) = -1 EBADF (Bad file descriptor) [pid 581] close(19) = -1 EBADF (Bad file descriptor) [pid 581] close(20) = -1 EBADF (Bad file descriptor) [pid 581] close(21) = -1 EBADF (Bad file descriptor) [pid 581] close(22) = -1 EBADF (Bad file descriptor) [pid 581] close(23) = -1 EBADF (Bad file descriptor) [pid 581] close(24) = -1 EBADF (Bad file descriptor) [pid 581] close(25) = -1 EBADF (Bad file descriptor) [pid 581] close(26) = -1 EBADF (Bad file descriptor) [pid 581] close(27) = -1 EBADF (Bad file descriptor) [pid 581] close(28) = -1 EBADF (Bad file descriptor) [pid 581] close(29) = -1 EBADF (Bad file descriptor) [pid 581] exit_group(0 [pid 585] <... futex resumed>) = ? [pid 581] <... exit_group resumed>) = ? [pid 585] +++ exited with 0 +++ [pid 581] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=12, si_stime=16} --- [ 35.759377][ T591] loop3: detected capacity change from 0 to 40427 [ 35.766849][ T585] F2FS-fs (loop4): switch discard_unit option is not allowed [ 35.780709][ T293] syz-executor248: attempt to access beyond end of device [ 35.780709][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.804152][ T591] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 35.818805][ T591] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 35.827933][ T589] F2FS-fs (loop0): Found nat_bits in checkpoint [ 35.828292][ T299] syz-executor248: attempt to access beyond end of device [ 35.828292][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.855932][ T591] F2FS-fs (loop3): fault_injection options not supported [pid 297] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./9/file4") = 0 [pid 297] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./9/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./9") = 0 [pid 297] mkdir("./10", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 22 ./strace-static-x86_64: Process 607 attached [pid 607] set_robust_list(0x5555875796a0, 24) = 0 [pid 607] chdir("./10") = 0 [pid 607] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 607] setpgid(0, 0) = 0 [pid 607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 607] write(3, "1000", 4) = 4 [pid 607] close(3) = 0 [pid 607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 607] write(1, "executing program\n", 18executing program ) = 18 [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 607] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 607] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 607] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 607] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 607] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 607] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[23]}, 88) = 23 [pid 607] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 607] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 608 attached [ 35.872280][ T591] F2FS-fs (loop3): fault_type options not supported [ 35.911392][ T591] F2FS-fs (loop3): invalid crc value [pid 608] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 608] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 608] memfd_create("syzkaller", 0) = 3 [pid 608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 589] <... mount resumed>) = 0 [pid 589] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 589] chdir("./file4") = 0 [pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 589] ioctl(4, LOOP_CLR_FD) = 0 [pid 589] close(4) = 0 [pid 589] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 589] fspick(AT_FDCWD, ".", 0) = 4 [pid 589] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 35.917454][ T589] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 35.927590][ T589] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 35.949847][ T591] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 589] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 589] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 589] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 589] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 588] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 588] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 589] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 589] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 588] <... futex resumed>) = 0 [pid 588] close(3 [pid 589] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 588] <... close resumed>) = 0 [pid 588] close(4) = 0 [pid 588] close(5) = 0 [pid 588] close(6) = -1 EBADF (Bad file descriptor) [pid 588] close(7) = -1 EBADF (Bad file descriptor) [pid 588] close(8) = -1 EBADF (Bad file descriptor) [pid 588] close(9) = -1 EBADF (Bad file descriptor) [pid 588] close(10) = -1 EBADF (Bad file descriptor) [pid 588] close(11) = -1 EBADF (Bad file descriptor) [pid 588] close(12) = -1 EBADF (Bad file descriptor) [pid 588] close(13) = -1 EBADF (Bad file descriptor) [pid 588] close(14) = -1 EBADF (Bad file descriptor) [pid 588] close(15) = -1 EBADF (Bad file descriptor) [pid 588] close(16) = -1 EBADF (Bad file descriptor) [pid 588] close(17) = -1 EBADF (Bad file descriptor) [pid 588] close(18) = -1 EBADF (Bad file descriptor) [pid 588] close(19) = -1 EBADF (Bad file descriptor) [pid 588] close(20) = -1 EBADF (Bad file descriptor) [pid 588] close(21) = -1 EBADF (Bad file descriptor) [pid 588] close(22) = -1 EBADF (Bad file descriptor) [pid 588] close(23) = -1 EBADF (Bad file descriptor) [pid 588] close(24) = -1 EBADF (Bad file descriptor) [pid 588] close(25) = -1 EBADF (Bad file descriptor) [pid 588] close(26) = -1 EBADF (Bad file descriptor) [pid 588] close(27) = -1 EBADF (Bad file descriptor) [pid 588] close(28) = -1 EBADF (Bad file descriptor) [pid 588] close(29) = -1 EBADF (Bad file descriptor) [pid 588] exit_group(0) = ? [pid 589] <... futex resumed>) = ? [pid 589] +++ exited with 0 +++ [pid 588] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=20, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [ 35.966338][ T589] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 36.009871][ T294] syz-executor248: attempt to access beyond end of device [ 36.009871][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 591] <... mount resumed>) = 0 [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 591] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 591] chdir("./file4" [pid 293] newfstatat(AT_FDCWD, "./9/file4", [pid 591] <... chdir resumed>) = 0 [pid 591] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 591] <... openat resumed>) = 4 [pid 293] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 591] ioctl(4, LOOP_CLR_FD [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 591] <... ioctl resumed>) = 0 [pid 293] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 591] close(4 [pid 293] <... openat resumed>) = 4 [pid 591] <... close resumed>) = 0 [pid 293] newfstatat(4, "", [pid 591] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 591] <... futex resumed>) = 1 [pid 590] <... futex resumed>) = 0 [pid 591] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] getdents64(4, [pid 591] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 590] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 591] fspick(AT_FDCWD, ".", 0 [pid 590] <... futex resumed>) = 0 [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 591] <... fspick resumed>) = 4 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] getdents64(4, [pid 591] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 591] <... futex resumed>) = 0 [pid 590] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] close(4 [pid 591] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 590] <... futex resumed>) = 0 [pid 293] <... close resumed>) = 0 [ 36.050852][ T591] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 36.058023][ T591] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] rmdir("./9/file4") = 0 [pid 293] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./9/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./9") = 0 [pid 293] mkdir("./10", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 22 [pid 591] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 614 attached [pid 591] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] set_robust_list(0x5555875796a0, 24 [pid 591] <... futex resumed>) = 1 [pid 590] <... futex resumed>) = 0 [pid 614] <... set_robust_list resumed>) = 0 [pid 591] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 590] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] chdir("./10" [pid 591] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 590] <... futex resumed>) = 0 [pid 614] <... chdir resumed>) = 0 [pid 591] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 614] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 591] <... open resumed>) = 5 [pid 614] <... prctl resumed>) = 0 [pid 591] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] setpgid(0, 0 [pid 591] <... futex resumed>) = 1 [pid 590] <... futex resumed>) = 0 [pid 614] <... setpgid resumed>) = 0 [pid 591] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 590] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 591] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 590] <... futex resumed>) = 0 [pid 614] <... openat resumed>) = 3 [pid 590] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 591] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 614] write(3, "1000", 4) = 4 [pid 591] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 614] close(3 [pid 591] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 614] <... close resumed>) = 0 [pid 591] <... futex resumed>) = 1 [pid 614] symlink("/dev/binderfs", "./binderfs" [pid 590] <... futex resumed>) = 0 executing program [pid 614] <... symlink resumed>) = 0 [pid 591] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 590] close(3 [pid 614] write(1, "executing program\n", 18 [pid 590] <... close resumed>) = 0 [pid 614] <... write resumed>) = 18 [pid 590] close(4 [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... close resumed>) = 0 [pid 614] <... futex resumed>) = 0 [pid 590] close(5 [pid 614] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 590] <... close resumed>) = 0 [pid 614] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 590] close(6 [pid 614] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 590] close(7 [pid 614] <... mmap resumed>) = 0x7fc71fb1c000 [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 590] close(8 [pid 614] <... mprotect resumed>) = 0 [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] rt_sigprocmask(SIG_BLOCK, ~[], [pid 590] close(9 [pid 614] <... rt_sigprocmask resumed>[], 8) = 0 [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 590] close(10) = -1 EBADF (Bad file descriptor) [pid 614] <... clone3 resumed> => {parent_tid=[23]}, 88) = 23 [pid 590] close(11 [pid 614] rt_sigprocmask(SIG_SETMASK, [], [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 590] close(12 [pid 614] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 614] <... futex resumed>) = 0 [pid 590] close(13 [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 590] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 590] close(14) = -1 EBADF (Bad file descriptor) [pid 590] close(15) = -1 EBADF (Bad file descriptor) [pid 590] close(16) = -1 EBADF (Bad file descriptor) [pid 590] close(17) = -1 EBADF (Bad file descriptor) [pid 590] close(18) = -1 EBADF (Bad file descriptor) [pid 590] close(19) = -1 EBADF (Bad file descriptor) [pid 590] close(20) = -1 EBADF (Bad file descriptor) [pid 590] close(21) = -1 EBADF (Bad file descriptor) [pid 590] close(22) = -1 EBADF (Bad file descriptor) [pid 590] close(23) = -1 EBADF (Bad file descriptor) [pid 590] close(24) = -1 EBADF (Bad file descriptor) [pid 590] close(25) = -1 EBADF (Bad file descriptor) [pid 590] close(26) = -1 EBADF (Bad file descriptor) [pid 590] close(27) = -1 EBADF (Bad file descriptor) [pid 590] close(28) = -1 EBADF (Bad file descriptor) [pid 590] close(29) = -1 EBADF (Bad file descriptor) [pid 590] exit_group(0 [pid 591] <... futex resumed>) = ? [pid 590] <... exit_group resumed>) = ? [pid 591] +++ exited with 0 +++ [pid 590] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 615 attached ) = 0 [pid 615] set_robust_list(0x7fc71fb3c9a0, 24 [pid 298] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 615] <... set_robust_list resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 615] rt_sigprocmask(SIG_SETMASK, [], [pid 298] <... openat resumed>) = 3 [pid 298] newfstatat(3, "", [pid 615] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 36.098010][ T591] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 615] memfd_create("syzkaller", 0) = 3 [pid 615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./9/file4") = 0 [pid 299] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./9/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./9") = 0 [pid 299] mkdir("./10", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 22 ./strace-static-x86_64: Process 616 attached [pid 616] set_robust_list(0x5555875796a0, 24) = 0 [pid 616] chdir("./10") = 0 [pid 616] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 616] setpgid(0, 0) = 0 [pid 616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 616] write(3, "1000", 4) = 4 [pid 616] close(3) = 0 [pid 616] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 616] write(1, "executing program\n", 18) = 18 [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 616] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 616] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 616] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 616] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 616] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 616] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[23]}, 88) = 23 [pid 616] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 616] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 617 attached [pid 617] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 617] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 617] memfd_create("syzkaller", 0) = 3 [pid 617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 36.143272][ T298] syz-executor248: attempt to access beyond end of device [ 36.143272][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 608] <... write resumed>) = 20699119 [pid 608] munmap(0x7fc71771c000, 138412032) = 0 [pid 608] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 608] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 608] close(3) = 0 [pid 608] close(4) = 0 [pid 608] mkdir("./file4", 0777) = 0 [pid 608] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./9/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 36.277974][ T608] loop1: detected capacity change from 0 to 40427 [ 36.296362][ T608] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 36.310380][ T608] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 294] umount2("./9/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./9/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./9/file4") = 0 [pid 294] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./9/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./9") = 0 [pid 294] mkdir("./10", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 22 ./strace-static-x86_64: Process 618 attached [pid 618] set_robust_list(0x5555875796a0, 24) = 0 [pid 618] chdir("./10") = 0 [pid 618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 618] setpgid(0, 0) = 0 [pid 618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 618] write(3, "1000", 4) = 4 [pid 618] close(3) = 0 [pid 618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 618] write(1, "executing program\n", 18executing program ) = 18 [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 618] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 618] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 618] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[23]}, 88) = 23 [pid 618] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 618] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 36.328395][ T608] F2FS-fs (loop1): fault_injection options not supported [ 36.352551][ T608] F2FS-fs (loop1): fault_type options not supported [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 619 attached [pid 619] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 619] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 619] memfd_create("syzkaller", 0) = 3 [pid 619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 36.380478][ T608] F2FS-fs (loop1): invalid crc value [pid 615] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./10/file4") = 0 [pid 298] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./10/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./10") = 0 [pid 298] mkdir("./11", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 24 ./strace-static-x86_64: Process 623 attached [pid 623] set_robust_list(0x5555875796a0, 24) = 0 [pid 623] chdir("./11") = 0 [pid 623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 623] setpgid(0, 0) = 0 [pid 623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 623] write(3, "1000", 4) = 4 [pid 623] close(3) = 0 [pid 623] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 623] write(1, "executing program\n", 18) = 18 [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 623] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 623] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 623] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 623] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 623] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 623] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[25]}, 88) = 25 [pid 623] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 623] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 624 attached [pid 624] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 624] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 624] memfd_create("syzkaller", 0) = 3 [pid 624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 36.438185][ T608] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 615] <... write resumed>) = 20699119 [pid 615] munmap(0x7fc71771c000, 138412032) = 0 [pid 615] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 615] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 615] close(3) = 0 [pid 615] close(4) = 0 [pid 615] mkdir("./file4", 0777) = 0 [ 36.560982][ T615] loop2: detected capacity change from 0 to 40427 [ 36.561749][ T608] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 36.578016][ T615] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 36.596601][ T608] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 615] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 617] <... write resumed>) = 20699119 [pid 617] munmap(0x7fc71771c000, 138412032) = 0 [pid 617] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 617] ioctl(4, LOOP_SET_FD, 3 [pid 608] <... mount resumed>) = 0 [pid 608] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 608] chdir("./file4") = 0 [pid 608] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 608] ioctl(4, LOOP_CLR_FD) = 0 [pid 608] close(4) = 0 [pid 608] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 608] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 617] <... ioctl resumed>) = 0 [pid 617] close(3) = 0 [pid 617] close(4) = 0 [pid 617] mkdir("./file4", 0777) = 0 [pid 607] <... futex resumed>) = 0 [pid 617] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 607] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 608] <... futex resumed>) = 0 [pid 608] fspick(AT_FDCWD, ".", 0) = 4 [pid 608] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 607] <... futex resumed>) = 0 [pid 608] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 607] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 608] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 607] <... futex resumed>) = 0 [ 36.604418][ T615] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 36.619051][ T617] loop4: detected capacity change from 0 to 40427 [ 36.623752][ T615] F2FS-fs (loop2): fault_injection options not supported [ 36.641234][ T617] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 36.651201][ T608] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 624] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 608] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 607] <... futex resumed>) = 0 [pid 607] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 608] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 608] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 608] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 607] <... futex resumed>) = 0 [pid 607] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 607] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 608] <... futex resumed>) = 0 [pid 608] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 608] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 607] <... futex resumed>) = 0 [pid 607] close(3) = 0 [pid 607] close(4) = 0 [pid 607] close(5) = 0 [pid 607] close(6) = -1 EBADF (Bad file descriptor) [pid 607] close(7 [pid 608] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 607] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 607] close(8) = -1 EBADF (Bad file descriptor) [pid 607] close(9) = -1 EBADF (Bad file descriptor) [pid 607] close(10) = -1 EBADF (Bad file descriptor) [pid 607] close(11) = -1 EBADF (Bad file descriptor) [pid 607] close(12) = -1 EBADF (Bad file descriptor) [pid 607] close(13) = -1 EBADF (Bad file descriptor) [pid 607] close(14) = -1 EBADF (Bad file descriptor) [pid 607] close(15) = -1 EBADF (Bad file descriptor) [pid 607] close(16) = -1 EBADF (Bad file descriptor) [pid 607] close(17) = -1 EBADF (Bad file descriptor) [pid 607] close(18) = -1 EBADF (Bad file descriptor) [pid 607] close(19) = -1 EBADF (Bad file descriptor) [pid 607] close(20) = -1 EBADF (Bad file descriptor) [pid 607] close(21) = -1 EBADF (Bad file descriptor) [pid 607] close(22) = -1 EBADF (Bad file descriptor) [pid 607] close(23) = -1 EBADF (Bad file descriptor) [pid 607] close(24) = -1 EBADF (Bad file descriptor) [pid 607] close(25) = -1 EBADF (Bad file descriptor) [pid 607] close(26) = -1 EBADF (Bad file descriptor) [pid 607] close(27) = -1 EBADF (Bad file descriptor) [pid 607] close(28) = -1 EBADF (Bad file descriptor) [pid 607] close(29) = -1 EBADF (Bad file descriptor) [pid 607] exit_group(0 [pid 608] <... futex resumed>) = ? [pid 607] <... exit_group resumed>) = ? [pid 608] +++ exited with 0 +++ [pid 607] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=5, si_stime=22} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 619] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 36.658926][ T615] F2FS-fs (loop2): fault_type options not supported [ 36.659800][ T617] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 36.675364][ T615] F2FS-fs (loop2): invalid crc value [ 36.695813][ T615] F2FS-fs (loop2): Found nat_bits in checkpoint [ 36.722671][ T297] syz-executor248: attempt to access beyond end of device [ 36.722671][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.749686][ T617] F2FS-fs (loop4): fault_injection options not supported [pid 297] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 624] <... write resumed>) = 20699119 [pid 615] <... mount resumed>) = 0 [pid 624] munmap(0x7fc71771c000, 138412032 [pid 615] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 624] <... munmap resumed>) = 0 [pid 624] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 615] <... openat resumed>) = 3 [pid 624] <... openat resumed>) = 4 [pid 615] chdir("./file4" [pid 624] ioctl(4, LOOP_SET_FD, 3 [pid 615] <... chdir resumed>) = 0 [pid 624] <... ioctl resumed>) = 0 [pid 615] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 624] close(3) = 0 [pid 615] <... openat resumed>) = 4 [pid 615] ioctl(4, LOOP_CLR_FD [pid 624] close(4 [pid 615] <... ioctl resumed>) = 0 [pid 624] <... close resumed>) = 0 [pid 624] mkdir("./file4", 0777 [pid 615] close(4 [pid 624] <... mkdir resumed>) = 0 [pid 615] <... close resumed>) = 0 [pid 624] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 615] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 614] <... futex resumed>) = 0 [pid 614] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 36.770650][ T615] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 36.788401][ T615] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 36.788458][ T617] F2FS-fs (loop4): fault_type options not supported [ 36.805104][ T624] loop3: detected capacity change from 0 to 40427 [ 36.807371][ T617] F2FS-fs (loop4): invalid crc value [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 615] fspick(AT_FDCWD, ".", 0) = 4 [pid 615] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 614] <... futex resumed>) = 0 [pid 615] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 615] <... futex resumed>) = 0 [pid 614] <... futex resumed>) = 1 [pid 615] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 615] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 615] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 615] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] <... futex resumed>) = 0 [pid 614] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 615] <... futex resumed>) = 0 [pid 614] <... futex resumed>) = 1 [pid 615] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 615] <... open resumed>) = 5 [pid 615] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 614] <... futex resumed>) = 0 [pid 615] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 615] <... futex resumed>) = 0 [pid 614] <... futex resumed>) = 1 [pid 615] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 614] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 615] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 614] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 615] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 614] close(3) = 0 [pid 614] close(4) = 0 [pid 614] close(5) = 0 [pid 614] close(6) = -1 EBADF (Bad file descriptor) [pid 614] close(7) = -1 EBADF (Bad file descriptor) [pid 614] close(8) = -1 EBADF (Bad file descriptor) [pid 614] close(9) = -1 EBADF (Bad file descriptor) [pid 614] close(10) = -1 EBADF (Bad file descriptor) [pid 614] close(11) = -1 EBADF (Bad file descriptor) [pid 614] close(12) = -1 EBADF (Bad file descriptor) [pid 614] close(13) = -1 EBADF (Bad file descriptor) [pid 614] close(14) = -1 EBADF (Bad file descriptor) [pid 614] close(15) = -1 EBADF (Bad file descriptor) [pid 614] close(16) = -1 EBADF (Bad file descriptor) [pid 614] close(17) = -1 EBADF (Bad file descriptor) [pid 614] close(18) = -1 EBADF (Bad file descriptor) [pid 614] close(19) = -1 EBADF (Bad file descriptor) [pid 614] close(20) = -1 EBADF (Bad file descriptor) [pid 614] close(21) = -1 EBADF (Bad file descriptor) [pid 614] close(22) = -1 EBADF (Bad file descriptor) [pid 614] close(23) = -1 EBADF (Bad file descriptor) [pid 614] close(24) = -1 EBADF (Bad file descriptor) [pid 614] close(25) = -1 EBADF (Bad file descriptor) [pid 614] close(26) = -1 EBADF (Bad file descriptor) [pid 614] close(27) = -1 EBADF (Bad file descriptor) [pid 614] close(28) = -1 EBADF (Bad file descriptor) [pid 614] close(29) = -1 EBADF (Bad file descriptor) [pid 614] exit_group(0) = ? [pid 615] <... futex resumed>) = ? [pid 615] +++ exited with 0 +++ [pid 614] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=4, si_stime=22} --- [ 36.831152][ T624] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 36.840168][ T615] F2FS-fs (loop2): switch discard_unit option is not allowed [ 36.859844][ T624] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 619] <... write resumed>) = 20699119 [pid 619] munmap(0x7fc71771c000, 138412032) = 0 [pid 619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 36.893766][ T624] F2FS-fs (loop3): fault_injection options not supported [ 36.902454][ T293] syz-executor248: attempt to access beyond end of device [ 36.902454][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 36.907573][ T624] F2FS-fs (loop3): fault_type options not supported [ 36.917216][ T617] F2FS-fs (loop4): Found nat_bits in checkpoint [ 36.931617][ T624] F2FS-fs (loop3): invalid crc value [pid 619] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 297] <... umount2 resumed>) = 0 [pid 619] close(3) = 0 [pid 297] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 619] close(4 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 619] <... close resumed>) = 0 [pid 297] newfstatat(AT_FDCWD, "./10/file4", [pid 619] mkdir("./file4", 0777 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 619] <... mkdir resumed>) = 0 [pid 297] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 619] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./10/file4") = 0 [pid 297] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./10/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./10") = 0 [pid 297] mkdir("./11", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 24 [ 36.941075][ T619] loop0: detected capacity change from 0 to 40427 [ 36.963105][ T619] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 36.972831][ T619] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 36.984269][ T624] F2FS-fs (loop3): Found nat_bits in checkpoint ./strace-static-x86_64: Process 636 attached [pid 636] set_robust_list(0x5555875796a0, 24) = 0 [pid 636] chdir("./11") = 0 [pid 636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 636] setpgid(0, 0) = 0 [pid 636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 636] write(3, "1000", 4) = 4 [pid 636] close(3) = 0 [pid 636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 636] write(1, "executing program\n", 18executing program ) = 18 [ 37.006022][ T619] F2FS-fs (loop0): fault_injection options not supported [ 37.011895][ T617] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 37.023762][ T619] F2FS-fs (loop0): fault_type options not supported [ 37.024133][ T617] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 636] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 636] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 617] <... mount resumed>) = 0 [pid 636] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 636] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 636] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 636] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 636] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[25]}, 88) = 25 [pid 636] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 636] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 617] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 617] <... openat resumed>) = 3 ./strace-static-x86_64: Process 640 attached [pid 617] chdir("./file4") = 0 [pid 640] set_robust_list(0x7fc71fb3c9a0, 24 [pid 617] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 640] <... set_robust_list resumed>) = 0 [pid 617] <... openat resumed>) = 4 [pid 640] rt_sigprocmask(SIG_SETMASK, [], [pid 617] ioctl(4, LOOP_CLR_FD [pid 640] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 617] <... ioctl resumed>) = 0 [pid 617] close(4) = 0 [pid 617] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 616] <... futex resumed>) = 0 [pid 617] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 616] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 617] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 617] fspick(AT_FDCWD, ".", 0 [pid 616] <... futex resumed>) = 0 [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 617] <... fspick resumed>) = 4 [pid 617] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 617] <... futex resumed>) = 0 [pid 640] memfd_create("syzkaller", 0 [pid 617] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 616] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] <... memfd_create resumed>) = 3 [pid 617] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 617] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 616] <... futex resumed>) = 0 [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 617] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 640] <... mmap resumed>) = 0x7fc71771c000 [pid 617] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 616] <... futex resumed>) = 0 [pid 616] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 37.051209][ T619] F2FS-fs (loop0): invalid crc value [ 37.064083][ T619] F2FS-fs (loop0): Found nat_bits in checkpoint [ 37.072842][ T617] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 617] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 617] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 616] <... futex resumed>) = 0 [pid 617] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 616] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 617] <... futex resumed>) = 0 [pid 616] <... futex resumed>) = 1 [pid 617] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 616] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 617] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 617] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 616] close(3) = 0 [pid 616] close(4) = 0 [pid 616] close(5) = 0 [pid 616] close(6) = -1 EBADF (Bad file descriptor) [pid 616] close(7) = -1 EBADF (Bad file descriptor) [pid 616] close(8) = -1 EBADF (Bad file descriptor) [pid 616] close(9) = -1 EBADF (Bad file descriptor) [pid 616] close(10) = -1 EBADF (Bad file descriptor) [pid 616] close(11) = -1 EBADF (Bad file descriptor) [pid 616] close(12) = -1 EBADF (Bad file descriptor) [pid 616] close(13) = -1 EBADF (Bad file descriptor) [pid 616] close(14) = -1 EBADF (Bad file descriptor) [pid 616] close(15) = -1 EBADF (Bad file descriptor) [pid 616] close(16) = -1 EBADF (Bad file descriptor) [pid 616] close(17) = -1 EBADF (Bad file descriptor) [pid 616] close(18) = -1 EBADF (Bad file descriptor) [pid 616] close(19) = -1 EBADF (Bad file descriptor) [pid 616] close(20) = -1 EBADF (Bad file descriptor) [pid 616] close(21) = -1 EBADF (Bad file descriptor) [pid 616] close(22) = -1 EBADF (Bad file descriptor) [pid 616] close(23) = -1 EBADF (Bad file descriptor) [pid 616] close(24) = -1 EBADF (Bad file descriptor) [pid 616] close(25) = -1 EBADF (Bad file descriptor) [pid 616] close(26) = -1 EBADF (Bad file descriptor) [pid 616] close(27) = -1 EBADF (Bad file descriptor) [pid 616] close(28) = -1 EBADF (Bad file descriptor) [pid 616] close(29) = -1 EBADF (Bad file descriptor) [pid 616] exit_group(0) = ? [pid 617] <... futex resumed>) = ? [pid 617] +++ exited with 0 +++ [pid 616] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 37.099982][ T624] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 37.118781][ T624] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 37.127796][ T619] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 37.138413][ T299] syz-executor248: attempt to access beyond end of device [pid 299] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./10/file4") = 0 [pid 293] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./10/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./10" [pid 624] <... mount resumed>) = 0 [pid 293] <... rmdir resumed>) = 0 [pid 624] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] mkdir("./11", 0777 [pid 624] <... openat resumed>) = 3 [pid 293] <... mkdir resumed>) = 0 [pid 624] chdir("./file4" [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 624] <... chdir resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 624] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 293] ioctl(3, LOOP_CLR_FD [pid 624] <... openat resumed>) = 4 [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 624] ioctl(4, LOOP_CLR_FD [pid 293] close(3) = 0 [pid 624] <... ioctl resumed>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 624] close(4) = 0 [pid 619] <... mount resumed>) = 0 [pid 619] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 644 attached [pid 624] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... clone resumed>, child_tidptr=0x555587579690) = 24 [pid 624] <... futex resumed>) = 1 [pid 623] <... futex resumed>) = 0 [pid 624] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 623] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] set_robust_list(0x5555875796a0, 24 [pid 624] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 623] <... futex resumed>) = 0 [pid 644] <... set_robust_list resumed>) = 0 [pid 624] fspick(AT_FDCWD, ".", 0 [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 624] <... fspick resumed>) = 4 [pid 644] chdir("./11" [pid 624] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... chdir resumed>) = 0 [pid 624] <... futex resumed>) = 1 [pid 623] <... futex resumed>) = 0 [pid 644] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 624] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 623] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... prctl resumed>) = 0 [pid 624] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 623] <... futex resumed>) = 0 [pid 644] setpgid(0, 0 [pid 624] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 644] <... setpgid resumed>) = 0 [pid 619] chdir("./file4") = 0 [ 37.138413][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 37.161341][ T619] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 619] ioctl(4, LOOP_CLR_FD) = 0 [pid 619] close(4) = 0 [pid 619] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] fspick(AT_FDCWD, ".", 0) = 4 [pid 619] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 1 [pid 619] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 624] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 644] write(3, "1000", 4 [pid 624] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... write resumed>) = 4 [pid 624] <... futex resumed>) = 1 [pid 623] <... futex resumed>) = 0 [pid 644] close(3 [pid 624] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 623] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... close resumed>) = 0 [pid 624] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 623] <... futex resumed>) = 0 [pid 644] symlink("/dev/binderfs", "./binderfs" [pid 624] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 644] <... symlink resumed>) = 0 executing program [pid 644] write(1, "executing program\n", 18 [pid 624] <... open resumed>) = 5 [pid 644] <... write resumed>) = 18 [pid 624] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 624] <... futex resumed>) = 1 [pid 623] <... futex resumed>) = 0 [pid 644] <... futex resumed>) = 0 [pid 624] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 623] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 624] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 623] <... futex resumed>) = 0 [pid 644] <... rt_sigaction resumed>NULL, 8) = 0 [pid 624] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 623] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 644] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 624] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 644] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 624] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... mmap resumed>) = 0x7fc71fb1c000 [pid 624] <... futex resumed>) = 1 [pid 623] <... futex resumed>) = 0 [pid 644] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 624] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 623] close(3 [pid 644] <... mprotect resumed>) = 0 [pid 623] <... close resumed>) = 0 [pid 644] rt_sigprocmask(SIG_BLOCK, ~[], [pid 623] close(4 [pid 644] <... rt_sigprocmask resumed>[], 8) = 0 [pid 623] <... close resumed>) = 0 [pid 644] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 623] close(5) = 0 [pid 644] <... clone3 resumed> => {parent_tid=[25]}, 88) = 25 [pid 623] close(6 [pid 644] rt_sigprocmask(SIG_SETMASK, [], [pid 623] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 644] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 623] close(7 [pid 644] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 623] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 644] <... futex resumed>) = 0 [pid 623] close(8 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 623] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 623] close(9) = -1 EBADF (Bad file descriptor) [pid 623] close(10) = -1 EBADF (Bad file descriptor) [pid 623] close(11) = -1 EBADF (Bad file descriptor) [pid 623] close(12) = -1 EBADF (Bad file descriptor) [pid 623] close(13) = -1 EBADF (Bad file descriptor) [pid 623] close(14) = -1 EBADF (Bad file descriptor) [pid 623] close(15) = -1 EBADF (Bad file descriptor) [pid 623] close(16) = -1 EBADF (Bad file descriptor) [pid 623] close(17) = -1 EBADF (Bad file descriptor) [pid 623] close(18) = -1 EBADF (Bad file descriptor) [pid 623] close(19) = -1 EBADF (Bad file descriptor) [pid 623] close(20) = -1 EBADF (Bad file descriptor) [pid 623] close(21 [pid 640] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 623] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 623] close(22) = -1 EBADF (Bad file descriptor) [pid 623] close(23) = -1 EBADF (Bad file descriptor) [pid 623] close(24) = -1 EBADF (Bad file descriptor) [pid 623] close(25) = -1 EBADF (Bad file descriptor) [pid 623] close(26) = -1 EBADF (Bad file descriptor) [pid 623] close(27) = -1 EBADF (Bad file descriptor) [pid 623] close(28) = -1 EBADF (Bad file descriptor) [pid 623] close(29) = -1 EBADF (Bad file descriptor) [pid 623] exit_group(0 [pid 624] <... futex resumed>) = ? [pid 623] <... exit_group resumed>) = ? [pid 624] +++ exited with 0 +++ ./strace-static-x86_64: Process 645 attached [pid 623] +++ exited with 0 +++ [pid 645] set_robust_list(0x7fc71fb3c9a0, 24 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=4, si_stime=23} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 645] <... set_robust_list resumed>) = 0 [pid 645] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 645] memfd_create("syzkaller", 0) = 3 [pid 645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 37.196115][ T624] F2FS-fs (loop3): switch discard_unit option is not allowed [ 37.200878][ T619] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 298] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 618] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 618] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fafb000 [pid 618] mprotect(0x7fc71fafc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 618] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb1b990, parent_tid=0x7fc71fb1b990, exit_signal=0, stack=0x7fc71fafb000, stack_size=0x20300, tls=0x7fc71fb1b6c0} => {parent_tid=[24]}, 88) = 24 [pid 618] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 618] futex(0x7fc71fc0d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 618] futex(0x7fc71fc0d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 619] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 619] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 646 attached [pid 646] set_robust_list(0x7fc71fb1b9a0, 24) = 0 [pid 646] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 646] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 646] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 618] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 619] <... futex resumed>) = 0 [pid 619] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 619] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 618] <... futex resumed>) = 0 [pid 618] close(3) = 0 [pid 618] close(4) = 0 [pid 618] close(5) = 0 [pid 618] close(6) = -1 EBADF (Bad file descriptor) [pid 618] close(7) = -1 EBADF (Bad file descriptor) [pid 618] close(8) = -1 EBADF (Bad file descriptor) [pid 618] close(9) = -1 EBADF (Bad file descriptor) [pid 618] close(10) = -1 EBADF (Bad file descriptor) [pid 618] close(11) = -1 EBADF (Bad file descriptor) [pid 618] close(12) = -1 EBADF (Bad file descriptor) [pid 618] close(13) = -1 EBADF (Bad file descriptor) [pid 618] close(14) = -1 EBADF (Bad file descriptor) [pid 618] close(15) = -1 EBADF (Bad file descriptor) [pid 618] close(16) = -1 EBADF (Bad file descriptor) [pid 618] close(17) = -1 EBADF (Bad file descriptor) [pid 618] close(18) = -1 EBADF (Bad file descriptor) [pid 618] close(19) = -1 EBADF (Bad file descriptor) [pid 618] close(20) = -1 EBADF (Bad file descriptor) [pid 618] close(21) = -1 EBADF (Bad file descriptor) [pid 618] close(22) = -1 EBADF (Bad file descriptor) [pid 618] close(23) = -1 EBADF (Bad file descriptor) [pid 618] close(24) = -1 EBADF (Bad file descriptor) [pid 618] close(25) = -1 EBADF (Bad file descriptor) [pid 618] close(26) = -1 EBADF (Bad file descriptor) [pid 618] close(27) = -1 EBADF (Bad file descriptor) [pid 618] close(28) = -1 EBADF (Bad file descriptor) [pid 618] close(29) = -1 EBADF (Bad file descriptor) [pid 618] exit_group(0) = ? [pid 619] <... futex resumed>) = ? [pid 619] +++ exited with 0 +++ [pid 646] <... futex resumed>) = ? [pid 646] +++ exited with 0 +++ [pid 618] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 37.245791][ T298] syz-executor248: attempt to access beyond end of device [ 37.245791][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 37.276532][ T294] syz-executor248: attempt to access beyond end of device [ 37.276532][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 640] <... write resumed>) = 20699119 [pid 640] munmap(0x7fc71771c000, 138412032) = 0 [pid 640] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 640] ioctl(4, LOOP_SET_FD, 3 [pid 299] <... umount2 resumed>) = 0 [pid 640] <... ioctl resumed>) = 0 [pid 640] close(3) = 0 [pid 640] close(4) = 0 [pid 640] mkdir("./file4", 0777) = 0 [pid 640] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 299] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./10/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./10/file4") = 0 [pid 299] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./10/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./10") = 0 [pid 299] mkdir("./11", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3 [pid 294] <... umount2 resumed>) = 0 [pid 299] <... close resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 24 [pid 298] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 647 attached [pid 647] set_robust_list(0x5555875796a0, 24) = 0 [ 37.438447][ T640] loop1: detected capacity change from 0 to 40427 [ 37.462542][ T640] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 37.475875][ T640] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 647] chdir("./11") = 0 [pid 647] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 647] setpgid(0, 0) = 0 [pid 647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 647] write(3, "1000", 4) = 4 [pid 647] close(3) = 0 [pid 647] symlink("/dev/binderfs", "./binderfs") = 0 [pid 647] write(1, "executing program\n", 18executing program ) = 18 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 647] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 647] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 647] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 647] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 647] rt_sigprocmask(SIG_BLOCK, ~[], [pid 298] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 647] <... rt_sigprocmask resumed>[], 8) = 0 [pid 647] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[25]}, 88) = 25 [pid 647] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 647] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 645] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 648 attached [pid 298] newfstatat(AT_FDCWD, "./11/file4", [pid 294] newfstatat(AT_FDCWD, "./10/file4", [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 648] set_robust_list(0x7fc71fb3c9a0, 24 [pid 298] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 648] <... set_robust_list resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] umount2("./10/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 648] rt_sigprocmask(SIG_SETMASK, [], [pid 298] openat(AT_FDCWD, "./11/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 648] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] <... openat resumed>) = 4 [pid 294] openat(AT_FDCWD, "./10/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 298] newfstatat(4, "", [pid 294] <... openat resumed>) = 4 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] newfstatat(4, "", [pid 298] getdents64(4, [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, [pid 648] memfd_create("syzkaller", 0 [pid 298] getdents64(4, [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] getdents64(4, [pid 648] <... memfd_create resumed>) = 3 [pid 298] close(4 [pid 294] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 648] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 298] <... close resumed>) = 0 [pid 294] close(4 [pid 298] rmdir("./11/file4" [pid 294] <... close resumed>) = 0 [pid 648] <... mmap resumed>) = 0x7fc71771c000 [pid 298] <... rmdir resumed>) = 0 [pid 294] rmdir("./10/file4" [pid 298] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] <... rmdir resumed>) = 0 [pid 298] newfstatat(AT_FDCWD, "./11/binderfs", [pid 294] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] unlink("./11/binderfs" [pid 294] newfstatat(AT_FDCWD, "./10/binderfs", [pid 298] <... unlink resumed>) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] getdents64(3, [pid 294] unlink("./10/binderfs" [pid 298] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] <... unlink resumed>) = 0 [pid 298] close(3 [pid 294] getdents64(3, [pid 298] <... close resumed>) = 0 [pid 294] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] rmdir("./11" [pid 294] close(3 [pid 298] <... rmdir resumed>) = 0 [pid 294] <... close resumed>) = 0 [pid 298] mkdir("./12", 0777 [pid 294] rmdir("./10" [pid 298] <... mkdir resumed>) = 0 [pid 294] <... rmdir resumed>) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 294] mkdir("./11", 0777 [pid 298] <... openat resumed>) = 3 [pid 294] <... mkdir resumed>) = 0 [pid 298] ioctl(3, LOOP_CLR_FD [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] <... openat resumed>) = 3 [pid 298] close(3 [pid 294] ioctl(3, LOOP_CLR_FD [pid 298] <... close resumed>) = 0 [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] close(3) = 0 [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 26 ./strace-static-x86_64: Process 649 attached [pid 649] set_robust_list(0x5555875796a0, 24) = 0 [pid 649] chdir("./12" [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 649] <... chdir resumed>) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 25 [pid 649] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 649] setpgid(0, 0) = 0 [pid 649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 649] write(3, "1000", 4) = 4 [pid 649] close(3) = 0 [pid 649] symlink("/dev/binderfs", "./binderfs") = 0 [pid 649] write(1, "executing program\n", 18executing program ) = 18 [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 649] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 649] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 649] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 649] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 649] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 649] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[27]}, 88) = 27 [pid 649] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 649] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 37.510112][ T640] F2FS-fs (loop1): fault_injection options not supported [ 37.517901][ T640] F2FS-fs (loop1): fault_type options not supported [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 650 attached [pid 650] set_robust_list(0x5555875796a0, 24) = 0 [pid 650] chdir("./11") = 0 [pid 650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 650] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 651 attached [pid 650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 650] write(3, "1000", 4) = 4 [pid 650] close(3) = 0 [pid 650] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 650] write(1, "executing program\n", 18) = 18 [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 650] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 650] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 650] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 650] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 651] set_robust_list(0x7fc71fb3c9a0, 24 [pid 650] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 650] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 651] <... set_robust_list resumed>) = 0 [pid 650] <... clone3 resumed> => {parent_tid=[26]}, 88) = 26 [pid 650] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 650] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 651] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 651] memfd_create("syzkaller", 0) = 3 [pid 651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 654 attached [pid 654] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 654] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 654] memfd_create("syzkaller", 0) = 3 [pid 654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 37.550479][ T640] F2FS-fs (loop1): invalid crc value [ 37.567002][ T640] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 640] <... mount resumed>) = 0 [pid 640] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 640] chdir("./file4") = 0 [pid 640] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 640] ioctl(4, LOOP_CLR_FD) = 0 [pid 640] close(4) = 0 [pid 640] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] fspick(AT_FDCWD, ".", 0 [pid 636] <... futex resumed>) = 0 [pid 640] <... fspick resumed>) = 4 [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 640] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 636] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 640] <... futex resumed>) = 0 [pid 636] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 636] <... futex resumed>) = 0 [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 640] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 640] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 640] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 636] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 636] <... futex resumed>) = 0 [pid 640] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 640] <... open resumed>) = 5 [pid 640] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 640] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 636] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 640] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 636] <... futex resumed>) = 0 [pid 640] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 636] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 640] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 640] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 636] <... futex resumed>) = 0 [pid 640] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 636] close(3) = 0 [pid 636] close(4) = 0 [pid 636] close(5) = 0 [pid 636] close(6) = -1 EBADF (Bad file descriptor) [pid 648] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 636] close(7) = -1 EBADF (Bad file descriptor) [pid 636] close(8) = -1 EBADF (Bad file descriptor) [pid 636] close(9) = -1 EBADF (Bad file descriptor) [pid 636] close(10) = -1 EBADF (Bad file descriptor) [pid 636] close(11) = -1 EBADF (Bad file descriptor) [pid 636] close(12) = -1 EBADF (Bad file descriptor) [pid 636] close(13) = -1 EBADF (Bad file descriptor) [pid 636] close(14) = -1 EBADF (Bad file descriptor) [pid 636] close(15) = -1 EBADF (Bad file descriptor) [pid 636] close(16) = -1 EBADF (Bad file descriptor) [pid 636] close(17) = -1 EBADF (Bad file descriptor) [pid 636] close(18) = -1 EBADF (Bad file descriptor) [pid 636] close(19) = -1 EBADF (Bad file descriptor) [pid 636] close(20) = -1 EBADF (Bad file descriptor) [pid 636] close(21) = -1 EBADF (Bad file descriptor) [pid 636] close(22) = -1 EBADF (Bad file descriptor) [pid 636] close(23) = -1 EBADF (Bad file descriptor) [pid 636] close(24) = -1 EBADF (Bad file descriptor) [pid 636] close(25) = -1 EBADF (Bad file descriptor) [pid 636] close(26) = -1 EBADF (Bad file descriptor) [pid 636] close(27) = -1 EBADF (Bad file descriptor) [pid 636] close(28) = -1 EBADF (Bad file descriptor) [pid 636] close(29) = -1 EBADF (Bad file descriptor) [pid 636] exit_group(0 [pid 640] <... futex resumed>) = ? [pid 636] <... exit_group resumed>) = ? [pid 640] +++ exited with 0 +++ [pid 645] <... write resumed>) = 20699119 [pid 636] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=9, si_stime=19} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 37.649598][ T640] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 37.659626][ T640] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 37.689151][ T640] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 297] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 645] munmap(0x7fc71771c000, 138412032) = 0 [pid 645] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 645] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 645] close(3) = 0 [pid 645] close(4) = 0 [pid 645] mkdir("./file4", 0777) = 0 [ 37.740981][ T645] loop2: detected capacity change from 0 to 40427 [ 37.755524][ T645] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 37.771940][ T645] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 645] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 651] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 37.810784][ T645] F2FS-fs (loop2): fault_injection options not supported [ 37.840427][ T645] F2FS-fs (loop2): fault_type options not supported [pid 654] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 648] <... write resumed>) = 20699119 [pid 648] munmap(0x7fc71771c000, 138412032) = 0 [pid 648] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 37.869933][ T645] F2FS-fs (loop2): invalid crc value [pid 648] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 648] close(3) = 0 [pid 648] close(4) = 0 [pid 648] mkdir("./file4", 0777) = 0 [pid 648] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] <... umount2 resumed>) = 0 [ 37.892140][ T648] loop4: detected capacity change from 0 to 40427 [ 37.913509][ T648] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 37.922422][ T645] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 297] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 37.939193][ T648] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 297] newfstatat(AT_FDCWD, "./11/file4", [pid 651] <... write resumed>) = 20699119 [pid 651] munmap(0x7fc71771c000, 138412032) = 0 [pid 651] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 651] ioctl(4, LOOP_SET_FD, 3 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./11/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./11/file4") = 0 [pid 654] <... write resumed>) = 20699119 [pid 651] <... ioctl resumed>) = 0 [pid 651] close(3) = 0 [pid 651] close(4) = 0 [pid 651] mkdir("./file4", 0777) = 0 [pid 651] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 654] munmap(0x7fc71771c000, 138412032) = 0 [pid 297] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 654] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 297] newfstatat(AT_FDCWD, "./11/binderfs", [pid 654] <... openat resumed>) = 4 [pid 297] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 654] ioctl(4, LOOP_SET_FD, 3 [ 37.968699][ T648] F2FS-fs (loop4): fault_injection options not supported [ 37.975004][ T651] loop3: detected capacity change from 0 to 40427 [ 37.981248][ T648] F2FS-fs (loop4): fault_type options not supported [ 37.991920][ T648] F2FS-fs (loop4): invalid crc value [ 37.997076][ T651] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 38.005365][ T651] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 297] unlink("./11/binderfs" [pid 654] <... ioctl resumed>) = 0 [pid 297] <... unlink resumed>) = 0 [pid 297] getdents64(3, [pid 654] close(3 [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 654] <... close resumed>) = 0 [pid 297] close(3 [pid 654] close(4) = 0 [pid 297] <... close resumed>) = 0 [pid 654] mkdir("./file4", 0777 [pid 297] rmdir("./11" [pid 654] <... mkdir resumed>) = 0 [pid 297] <... rmdir resumed>) = 0 [pid 654] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] mkdir("./12", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 26 [ 38.016241][ T654] loop0: detected capacity change from 0 to 40427 [ 38.020131][ T651] F2FS-fs (loop3): fault_injection options not supported [ 38.024949][ T648] F2FS-fs (loop4): Found nat_bits in checkpoint [ 38.040139][ T654] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 38.049053][ T645] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 38.060431][ T645] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 ./strace-static-x86_64: Process 664 attached [pid 645] <... mount resumed>) = 0 [pid 664] set_robust_list(0x5555875796a0, 24 [pid 645] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 664] <... set_robust_list resumed>) = 0 [pid 645] <... openat resumed>) = 3 [pid 664] chdir("./12" [pid 645] chdir("./file4" [pid 664] <... chdir resumed>) = 0 [pid 645] <... chdir resumed>) = 0 [pid 664] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 645] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 664] <... prctl resumed>) = 0 [pid 645] <... openat resumed>) = 4 [pid 664] setpgid(0, 0 [pid 645] ioctl(4, LOOP_CLR_FD [pid 664] <... setpgid resumed>) = 0 [pid 645] <... ioctl resumed>) = 0 [pid 664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 645] close(4 [pid 664] <... openat resumed>) = 3 [pid 645] <... close resumed>) = 0 [pid 664] write(3, "1000", 4 [pid 645] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 664] <... write resumed>) = 4 [pid 645] <... futex resumed>) = 1 [pid 644] <... futex resumed>) = 0 [pid 664] close(3 [pid 645] fspick(AT_FDCWD, ".", 0 [pid 644] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 664] <... close resumed>) = 0 [pid 645] <... fspick resumed>) = 4 [pid 644] <... futex resumed>) = 0 [pid 664] symlink("/dev/binderfs", "./binderfs" [pid 645] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 664] <... symlink resumed>) = 0 [pid 645] <... futex resumed>) = 0 [pid 644] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 664] write(1, "executing program\n", 18 [pid 645] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 644] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 664] <... write resumed>) = 18 [pid 644] <... futex resumed>) = 0 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 664] <... futex resumed>) = 0 [pid 664] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 664] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 664] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 664] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 664] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 664] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[27]}, 88) = 27 [pid 664] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 664] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 665 attached [pid 665] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 665] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 665] memfd_create("syzkaller", 0) = 3 [pid 665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 645] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 645] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... futex resumed>) = 0 [pid 644] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 645] <... futex resumed>) = 1 [pid 645] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 645] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... futex resumed>) = 0 [pid 644] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 644] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 645] <... futex resumed>) = 1 [pid 645] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 645] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 644] <... futex resumed>) = 0 [pid 644] close(3) = 0 [pid 644] close(4) = 0 [pid 644] close(5) = 0 [pid 644] close(6) = -1 EBADF (Bad file descriptor) [pid 644] close(7) = -1 EBADF (Bad file descriptor) [pid 644] close(8) = -1 EBADF (Bad file descriptor) [pid 644] close(9) = -1 EBADF (Bad file descriptor) [pid 644] close(10) = -1 EBADF (Bad file descriptor) [pid 644] close(11) = -1 EBADF (Bad file descriptor) [pid 644] close(12) = -1 EBADF (Bad file descriptor) [pid 644] close(13) = -1 EBADF (Bad file descriptor) [pid 644] close(14) = -1 EBADF (Bad file descriptor) [pid 644] close(15) = -1 EBADF (Bad file descriptor) [pid 644] close(16) = -1 EBADF (Bad file descriptor) [pid 644] close(17) = -1 EBADF (Bad file descriptor) [pid 644] close(18) = -1 EBADF (Bad file descriptor) [pid 644] close(19) = -1 EBADF (Bad file descriptor) [pid 644] close(20) = -1 EBADF (Bad file descriptor) [pid 644] close(21) = -1 EBADF (Bad file descriptor) [pid 644] close(22) = -1 EBADF (Bad file descriptor) [pid 644] close(23) = -1 EBADF (Bad file descriptor) [pid 644] close(24) = -1 EBADF (Bad file descriptor) [pid 644] close(25) = -1 EBADF (Bad file descriptor) [pid 644] close(26) = -1 EBADF (Bad file descriptor) [pid 644] close(27) = -1 EBADF (Bad file descriptor) [pid 644] close(28) = -1 EBADF (Bad file descriptor) [pid 644] close(29) = -1 EBADF (Bad file descriptor) [pid 644] exit_group(0) = ? [pid 645] <... futex resumed>) = ? [pid 645] +++ exited with 0 +++ [pid 644] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [ 38.071031][ T654] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 38.075573][ T651] F2FS-fs (loop3): fault_type options not supported [ 38.086255][ T654] F2FS-fs (loop0): fault_injection options not supported [ 38.091949][ T645] F2FS-fs (loop2): switch discard_unit option is not allowed [ 38.104645][ T651] F2FS-fs (loop3): invalid crc value [ 38.110749][ T648] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 648] <... mount resumed>) = 0 [pid 648] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 648] chdir("./file4") = 0 [pid 648] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 648] ioctl(4, LOOP_CLR_FD) = 0 [pid 648] close(4) = 0 [pid 648] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 647] <... futex resumed>) = 0 [pid 648] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 647] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 648] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 648] fspick(AT_FDCWD, ".", 0) = 4 [pid 648] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [ 38.119297][ T648] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 38.129340][ T654] F2FS-fs (loop0): fault_type options not supported [ 38.151197][ T651] F2FS-fs (loop3): Found nat_bits in checkpoint [ 38.154980][ T654] F2FS-fs (loop0): invalid crc value [pid 648] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 648] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 648] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 648] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 648] <... open resumed>) = 5 [pid 648] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 648] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 647] <... futex resumed>) = 0 [pid 647] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 648] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 648] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 647] <... futex resumed>) = 0 [pid 648] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 647] close(3) = 0 [pid 647] close(4) = 0 [pid 647] close(5) = 0 [pid 647] close(6) = -1 EBADF (Bad file descriptor) [pid 647] close(7) = -1 EBADF (Bad file descriptor) [pid 647] close(8) = -1 EBADF (Bad file descriptor) [pid 647] close(9) = -1 EBADF (Bad file descriptor) [pid 647] close(10) = -1 EBADF (Bad file descriptor) [pid 647] close(11) = -1 EBADF (Bad file descriptor) [pid 647] close(12) = -1 EBADF (Bad file descriptor) [pid 647] close(13) = -1 EBADF (Bad file descriptor) [pid 647] close(14) = -1 EBADF (Bad file descriptor) [pid 647] close(15) = -1 EBADF (Bad file descriptor) [pid 647] close(16) = -1 EBADF (Bad file descriptor) [pid 647] close(17) = -1 EBADF (Bad file descriptor) [pid 647] close(18) = -1 EBADF (Bad file descriptor) [pid 647] close(19) = -1 EBADF (Bad file descriptor) [pid 647] close(20) = -1 EBADF (Bad file descriptor) [pid 647] close(21) = -1 EBADF (Bad file descriptor) [pid 647] close(22) = -1 EBADF (Bad file descriptor) [pid 647] close(23) = -1 EBADF (Bad file descriptor) [pid 647] close(24) = -1 EBADF (Bad file descriptor) [pid 647] close(25) = -1 EBADF (Bad file descriptor) [pid 647] close(26) = -1 EBADF (Bad file descriptor) [pid 647] close(27) = -1 EBADF (Bad file descriptor) [pid 647] close(28) = -1 EBADF (Bad file descriptor) [pid 647] close(29) = -1 EBADF (Bad file descriptor) [pid 647] exit_group(0 [pid 648] <... futex resumed>) = ? [pid 647] <... exit_group resumed>) = ? [pid 648] +++ exited with 0 +++ [pid 647] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24, si_uid=0, si_status=0, si_utime=5, si_stime=22} --- [pid 299] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 38.166159][ T648] F2FS-fs (loop4): switch discard_unit option is not allowed [ 38.180168][ T654] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 299] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 651] <... mount resumed>) = 0 [pid 651] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 651] chdir("./file4") = 0 [pid 651] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 651] ioctl(4, LOOP_CLR_FD) = 0 [pid 651] close(4) = 0 [pid 651] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 651] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 649] <... futex resumed>) = 0 [pid 649] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 651] <... futex resumed>) = 0 [pid 651] fspick(AT_FDCWD, ".", 0) = 4 [pid 651] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 649] <... futex resumed>) = 0 [pid 649] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 38.254226][ T651] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 38.280401][ T651] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 38.288361][ T654] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 651] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 665] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 654] <... mount resumed>) = 0 [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 654] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 654] chdir("./file4") = 0 [pid 654] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 654] ioctl(4, LOOP_CLR_FD) = 0 [pid 654] close(4) = 0 [pid 654] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 651] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 651] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 651] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 654] <... futex resumed>) = 1 [pid 654] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 650] <... futex resumed>) = 0 [pid 649] <... futex resumed>) = 0 [pid 650] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 649] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 654] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 654] fspick(AT_FDCWD, ".", 0 [pid 649] <... futex resumed>) = 1 [pid 654] <... fspick resumed>) = 4 [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 654] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 650] <... futex resumed>) = 0 [pid 654] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 650] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 651] <... futex resumed>) = 0 [pid 651] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 654] <... futex resumed>) = 0 [pid 651] <... open resumed>) = 5 [pid 654] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 651] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 651] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 649] <... futex resumed>) = 0 [pid 649] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 649] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 651] <... futex resumed>) = 0 [pid 651] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 651] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 649] <... futex resumed>) = 0 [pid 651] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 649] close(3) = 0 [pid 649] close(4) = 0 [pid 649] close(5) = 0 [pid 649] close(6) = -1 EBADF (Bad file descriptor) [pid 649] close(7) = -1 EBADF (Bad file descriptor) [pid 649] close(8) = -1 EBADF (Bad file descriptor) [pid 649] close(9) = -1 EBADF (Bad file descriptor) [pid 649] close(10) = -1 EBADF (Bad file descriptor) [pid 649] close(11) = -1 EBADF (Bad file descriptor) [pid 649] close(12) = -1 EBADF (Bad file descriptor) [pid 649] close(13) = -1 EBADF (Bad file descriptor) [pid 649] close(14) = -1 EBADF (Bad file descriptor) [pid 649] close(15) = -1 EBADF (Bad file descriptor) [pid 649] close(16) = -1 EBADF (Bad file descriptor) [pid 649] close(17) = -1 EBADF (Bad file descriptor) [pid 649] close(18) = -1 EBADF (Bad file descriptor) [pid 649] close(19) = -1 EBADF (Bad file descriptor) [pid 649] close(20 [pid 654] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 649] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 654] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 649] close(21 [pid 654] <... futex resumed>) = 1 [pid 650] <... futex resumed>) = 0 [pid 649] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 650] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 654] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 650] <... futex resumed>) = 0 [pid 649] close(22 [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 649] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 649] close(23) = -1 EBADF (Bad file descriptor) [pid 649] close(24) = -1 EBADF (Bad file descriptor) [pid 649] close(25) = -1 EBADF (Bad file descriptor) [pid 649] close(26) = -1 EBADF (Bad file descriptor) [pid 649] close(27) = -1 EBADF (Bad file descriptor) [pid 649] close(28) = -1 EBADF (Bad file descriptor) [pid 649] close(29) = -1 EBADF (Bad file descriptor) [pid 649] exit_group(0 [pid 651] <... futex resumed>) = ? [pid 649] <... exit_group resumed>) = ? [pid 654] <... open resumed>) = 5 [pid 651] +++ exited with 0 +++ [pid 649] +++ exited with 0 +++ [pid 654] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=10, si_stime=16} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 654] <... futex resumed>) = 1 [pid 650] <... futex resumed>) = 0 [pid 654] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 650] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 654] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 650] <... futex resumed>) = 0 [pid 654] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 650] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 654] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 654] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 650] <... futex resumed>) = 0 [pid 654] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 650] close(3) = 0 [pid 650] close(4) = 0 [pid 650] close(5) = 0 [pid 650] close(6) = -1 EBADF (Bad file descriptor) [pid 650] close(7) = -1 EBADF (Bad file descriptor) [pid 650] close(8) = -1 EBADF (Bad file descriptor) [pid 650] close(9) = -1 EBADF (Bad file descriptor) [pid 650] close(10) = -1 EBADF (Bad file descriptor) [pid 650] close(11) = -1 EBADF (Bad file descriptor) [pid 650] close(12) = -1 EBADF (Bad file descriptor) [pid 650] close(13) = -1 EBADF (Bad file descriptor) [pid 650] close(14) = -1 EBADF (Bad file descriptor) [pid 650] close(15) = -1 EBADF (Bad file descriptor) [pid 650] close(16) = -1 EBADF (Bad file descriptor) [pid 650] close(17) = -1 EBADF (Bad file descriptor) [pid 650] close(18) = -1 EBADF (Bad file descriptor) [pid 650] close(19) = -1 EBADF (Bad file descriptor) [pid 650] close(20) = -1 EBADF (Bad file descriptor) [pid 650] close(21) = -1 EBADF (Bad file descriptor) [pid 650] close(22) = -1 EBADF (Bad file descriptor) [pid 650] close(23) = -1 EBADF (Bad file descriptor) [pid 650] close(24) = -1 EBADF (Bad file descriptor) [pid 650] close(25) = -1 EBADF (Bad file descriptor) [pid 650] close(26) = -1 EBADF (Bad file descriptor) [pid 650] close(27) = -1 EBADF (Bad file descriptor) [pid 650] close(28) = -1 EBADF (Bad file descriptor) [pid 650] close(29) = -1 EBADF (Bad file descriptor) [pid 650] exit_group(0 [pid 654] <... futex resumed>) = ? [pid 650] <... exit_group resumed>) = ? [pid 654] +++ exited with 0 +++ [pid 650] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=25, si_uid=0, si_status=0, si_utime=2, si_stime=15} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 38.312063][ T654] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 38.312403][ T651] F2FS-fs (loop3): switch discard_unit option is not allowed [ 38.347927][ T654] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 294] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./11/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./11/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./11/file4") = 0 [pid 293] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./11/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./11/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] close(3 [pid 299] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./11/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./11/file4") = 0 [pid 299] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./11/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./11") = 0 [pid 299] mkdir("./12", 0777 [pid 293] <... close resumed>) = 0 [pid 299] <... mkdir resumed>) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 293] rmdir("./11") = 0 [pid 293] mkdir("./12", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 26 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 675 attached [pid 675] set_robust_list(0x5555875796a0, 24) = 0 [pid 675] chdir("./12") = 0 [pid 675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 675] setpgid(0, 0) = 0 [pid 675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 675] write(3, "1000", 4) = 4 [pid 675] close(3) = 0 [pid 675] symlink("/dev/binderfs", "./binderfs") = 0 [pid 675] write(1, "executing program\n", 18executing program ) = 18 [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 675] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 675] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 26 [pid 675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[27]}, 88) = 27 [pid 675] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 675] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 677 attached [pid 677] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 677] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 677] memfd_create("syzkaller", 0) = 3 [pid 677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 676 attached [pid 676] set_robust_list(0x5555875796a0, 24) = 0 [pid 676] chdir("./12") = 0 [pid 676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 676] setpgid(0, 0) = 0 [pid 676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 676] write(3, "1000", 4) = 4 [pid 676] close(3) = 0 [pid 676] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 676] write(1, "executing program\n", 18) = 18 [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 676] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 676] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 676] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 676] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 676] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 676] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[27]}, 88) = 27 [pid 676] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 676] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 678 attached [pid 678] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 678] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 678] memfd_create("syzkaller", 0) = 3 [pid 678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 665] <... write resumed>) = 20699119 [pid 665] munmap(0x7fc71771c000, 138412032) = 0 [pid 665] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 665] ioctl(4, LOOP_SET_FD, 3 [pid 294] <... umount2 resumed>) = 0 [pid 665] <... ioctl resumed>) = 0 [pid 294] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 665] close(3 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 665] <... close resumed>) = 0 [pid 294] newfstatat(AT_FDCWD, "./11/file4", [pid 665] close(4 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 665] <... close resumed>) = 0 [pid 665] mkdir("./file4", 0777 [pid 294] umount2("./11/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 665] <... mkdir resumed>) = 0 [pid 665] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./11/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./11/file4") = 0 [pid 294] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./11/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./11") = 0 [pid 294] mkdir("./12", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 27 [pid 298] <... umount2 resumed>) = 0 [ 38.562464][ T665] loop1: detected capacity change from 0 to 40427 [ 38.590139][ T665] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 38.603465][ T665] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 298] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 679 attached ) = -1 EINVAL (Invalid argument) [pid 679] set_robust_list(0x5555875796a0, 24) = 0 [pid 679] chdir("./12") = 0 [pid 679] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 679] setpgid(0, 0) = 0 [pid 679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 679] write(3, "1000", 4) = 4 [pid 679] close(3) = 0 [pid 679] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 679] write(1, "executing program\n", 18) = 18 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 679] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 679] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 679] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 679] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 679] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[28]}, 88) = 28 [pid 679] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 679] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 298] newfstatat(AT_FDCWD, "./12/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./12/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 680 attached [pid 680] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 680] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 680] memfd_create("syzkaller", 0) = 3 [pid 680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 298] getdents64(4, [pid 680] <... mmap resumed>) = 0x7fc71771c000 [pid 298] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./12/file4") = 0 [pid 298] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./12/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./12") = 0 [pid 298] mkdir("./13", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 28 [ 38.623823][ T665] F2FS-fs (loop1): fault_injection options not supported [ 38.631400][ T665] F2FS-fs (loop1): fault_type options not supported [ 38.640019][ T665] F2FS-fs (loop1): invalid crc value ./strace-static-x86_64: Process 684 attached [pid 684] set_robust_list(0x5555875796a0, 24) = 0 [pid 684] chdir("./13") = 0 [pid 684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 684] setpgid(0, 0) = 0 [pid 684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 684] write(3, "1000", 4) = 4 [pid 684] close(3) = 0 [pid 684] symlink("/dev/binderfs", "./binderfs") = 0 [pid 684] write(1, "executing program\n", 18executing program ) = 18 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 684] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 684] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 684] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 684] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 684] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[29]}, 88) = 29 [pid 684] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 684] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 685 attached [pid 685] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 685] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 685] memfd_create("syzkaller", 0) = 3 [pid 685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 38.664363][ T665] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 677] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 665] <... mount resumed>) = 0 [pid 665] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 665] chdir("./file4") = 0 [pid 665] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 665] ioctl(4, LOOP_CLR_FD) = 0 [pid 665] close(4) = 0 [pid 665] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 665] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 664] <... futex resumed>) = 0 [pid 664] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 665] <... futex resumed>) = 0 [pid 664] <... futex resumed>) = 1 [pid 665] fspick(AT_FDCWD, ".", 0) = 4 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 665] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 664] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 665] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 664] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 665] <... futex resumed>) = 0 [pid 664] <... futex resumed>) = 1 [pid 665] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 38.737263][ T665] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 38.751070][ T665] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 665] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 665] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 664] <... futex resumed>) = 0 [pid 664] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 665] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 665] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 664] <... futex resumed>) = 0 [pid 664] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 664] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 665] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 665] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 664] <... futex resumed>) = 0 [pid 664] close(3) = 0 [pid 664] close(4) = 0 [pid 664] close(5) = 0 [pid 664] close(6) = -1 EBADF (Bad file descriptor) [pid 664] close(7) = -1 EBADF (Bad file descriptor) [pid 664] close(8) = -1 EBADF (Bad file descriptor) [pid 664] close(9) = -1 EBADF (Bad file descriptor) [pid 664] close(10) = -1 EBADF (Bad file descriptor) [pid 664] close(11) = -1 EBADF (Bad file descriptor) [pid 664] close(12) = -1 EBADF (Bad file descriptor) [pid 664] close(13) = -1 EBADF (Bad file descriptor) [pid 664] close(14) = -1 EBADF (Bad file descriptor) [pid 664] close(15) = -1 EBADF (Bad file descriptor) [pid 664] close(16) = -1 EBADF (Bad file descriptor) [pid 664] close(17) = -1 EBADF (Bad file descriptor) [pid 664] close(18) = -1 EBADF (Bad file descriptor) [pid 664] close(19) = -1 EBADF (Bad file descriptor) [pid 664] close(20) = -1 EBADF (Bad file descriptor) [pid 664] close(21) = -1 EBADF (Bad file descriptor) [pid 664] close(22) = -1 EBADF (Bad file descriptor) [pid 664] close(23) = -1 EBADF (Bad file descriptor) [pid 664] close(24) = -1 EBADF (Bad file descriptor) [pid 664] close(25) = -1 EBADF (Bad file descriptor) [pid 664] close(26) = -1 EBADF (Bad file descriptor) [pid 664] close(27) = -1 EBADF (Bad file descriptor) [pid 664] close(28) = -1 EBADF (Bad file descriptor) [pid 664] close(29) = -1 EBADF (Bad file descriptor) [pid 664] exit_group(0) = ? [pid 665] +++ exited with 0 +++ [pid 664] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 38.781717][ T665] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 678] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 677] <... write resumed>) = 20699119 [pid 677] munmap(0x7fc71771c000, 138412032) = 0 [pid 677] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 677] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 677] close(3) = 0 [pid 677] close(4) = 0 [pid 677] mkdir("./file4", 0777) = 0 [pid 677] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 38.882021][ T677] loop2: detected capacity change from 0 to 40427 [ 38.910730][ T677] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 38.917725][ T677] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 680] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 685] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 678] <... write resumed>) = 20699119 [ 38.950427][ T677] F2FS-fs (loop2): fault_injection options not supported [ 38.978303][ T677] F2FS-fs (loop2): fault_type options not supported [pid 678] munmap(0x7fc71771c000, 138412032) = 0 [pid 678] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 678] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 678] close(3) = 0 [pid 678] close(4) = 0 [pid 678] mkdir("./file4", 0777) = 0 [pid 678] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./12/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./12/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./12/file4") = 0 [pid 297] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./12/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./12") = 0 [pid 297] mkdir("./13", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 39.000364][ T677] F2FS-fs (loop2): invalid crc value [ 39.007218][ T678] loop4: detected capacity change from 0 to 40427 [ 39.031215][ T678] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 28 ./strace-static-x86_64: Process 690 attached [pid 690] set_robust_list(0x5555875796a0, 24) = 0 [pid 690] chdir("./13") = 0 [pid 690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 690] setpgid(0, 0) = 0 [pid 690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 690] write(3, "1000", 4) = 4 [pid 690] close(3) = 0 [pid 690] symlink("/dev/binderfs", "./binderfs") = 0 [pid 690] write(1, "executing program\n", 18executing program ) = 18 [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 690] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 690] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 690] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 690] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 690] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 690] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[29]}, 88) = 29 [pid 690] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 690] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 691 attached [pid 691] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 691] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 691] memfd_create("syzkaller", 0) = 3 [pid 691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 680] <... write resumed>) = 20699119 [pid 680] munmap(0x7fc71771c000, 138412032) = 0 [ 39.057936][ T677] F2FS-fs (loop2): Found nat_bits in checkpoint [ 39.065886][ T678] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 39.082112][ T678] F2FS-fs (loop4): fault_injection options not supported [ 39.090230][ T678] F2FS-fs (loop4): fault_type options not supported [ 39.100096][ T678] F2FS-fs (loop4): invalid crc value [pid 680] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 680] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 680] close(3) = 0 [pid 680] close(4) = 0 [pid 680] mkdir("./file4", 0777) = 0 [pid 680] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 685] <... write resumed>) = 20699119 [pid 685] munmap(0x7fc71771c000, 138412032) = 0 [ 39.121211][ T680] loop0: detected capacity change from 0 to 40427 [ 39.128531][ T678] F2FS-fs (loop4): Found nat_bits in checkpoint [ 39.150586][ T680] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 39.158536][ T680] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 685] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 685] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 685] close(3) = 0 [pid 685] close(4 [pid 677] <... mount resumed>) = 0 [pid 685] <... close resumed>) = 0 [pid 677] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 685] mkdir("./file4", 0777) = 0 [pid 677] <... openat resumed>) = 3 [pid 685] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 39.174916][ T680] F2FS-fs (loop0): fault_injection options not supported [ 39.182814][ T677] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 39.189898][ T677] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 39.198794][ T685] loop3: detected capacity change from 0 to 40427 [ 39.200589][ T678] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 39.206955][ T680] F2FS-fs (loop0): fault_type options not supported [pid 677] chdir("./file4" [pid 678] <... mount resumed>) = 0 [pid 678] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 678] chdir("./file4") = 0 [pid 677] <... chdir resumed>) = 0 [pid 677] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 678] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 678] ioctl(4, LOOP_CLR_FD) = 0 [pid 678] close(4) = 0 [pid 678] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 676] <... futex resumed>) = 0 [pid 678] fspick(AT_FDCWD, ".", 0 [pid 676] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] <... fspick resumed>) = 4 [pid 676] <... futex resumed>) = 0 [pid 678] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 678] <... futex resumed>) = 0 [pid 676] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 678] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 676] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... openat resumed>) = 4 [pid 676] <... futex resumed>) = 0 [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] ioctl(4, LOOP_CLR_FD) = 0 [pid 677] close(4) = 0 [pid 677] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 677] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 675] <... futex resumed>) = 0 [pid 677] fspick(AT_FDCWD, ".", 0 [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... fspick resumed>) = 4 [pid 677] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 677] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 675] <... futex resumed>) = 0 [pid 677] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 39.221189][ T678] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 39.221226][ T685] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 39.247188][ T680] F2FS-fs (loop0): invalid crc value [ 39.249561][ T678] F2FS-fs (loop4): switch discard_unit option is not allowed [ 39.255597][ T685] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 677] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 677] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 675] <... futex resumed>) = 0 [pid 677] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 677] <... open resumed>) = 5 [pid 677] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 675] <... futex resumed>) = 0 [pid 677] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 677] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 675] <... futex resumed>) = 0 [pid 678] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 677] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 675] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 678] <... futex resumed>) = 1 [pid 677] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 676] <... futex resumed>) = 0 [pid 678] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 677] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 677] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] <... futex resumed>) = 0 [pid 675] close(3 [pid 676] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 675] <... close resumed>) = 0 [pid 691] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 678] <... futex resumed>) = 0 [pid 676] <... futex resumed>) = 1 [pid 675] close(4 [pid 678] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 675] <... close resumed>) = 0 [pid 678] <... open resumed>) = 5 [pid 675] close(5 [pid 678] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 675] <... close resumed>) = 0 [pid 678] <... futex resumed>) = 0 [pid 675] close(6 [pid 678] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 675] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 675] close(7) = -1 EBADF (Bad file descriptor) [pid 675] close(8) = -1 EBADF (Bad file descriptor) [pid 675] close(9) = -1 EBADF (Bad file descriptor) [pid 675] close(10) = -1 EBADF (Bad file descriptor) [pid 675] close(11) = -1 EBADF (Bad file descriptor) [pid 675] close(12) = -1 EBADF (Bad file descriptor) [pid 675] close(13) = -1 EBADF (Bad file descriptor) [pid 675] close(14) = -1 EBADF (Bad file descriptor) [pid 675] close(15) = -1 EBADF (Bad file descriptor) [pid 675] close(16) = -1 EBADF (Bad file descriptor) [pid 675] close(17) = -1 EBADF (Bad file descriptor) [pid 675] close(18) = -1 EBADF (Bad file descriptor) [pid 675] close(19) = -1 EBADF (Bad file descriptor) [pid 675] close(20) = -1 EBADF (Bad file descriptor) [pid 675] close(21) = -1 EBADF (Bad file descriptor) [pid 675] close(22) = -1 EBADF (Bad file descriptor) [pid 675] close(23) = -1 EBADF (Bad file descriptor) [pid 675] close(24) = -1 EBADF (Bad file descriptor) [pid 675] close(25) = -1 EBADF (Bad file descriptor) [pid 675] close(26) = -1 EBADF (Bad file descriptor) [pid 675] close(27) = -1 EBADF (Bad file descriptor) [pid 675] close(28) = -1 EBADF (Bad file descriptor) [pid 675] close(29) = -1 EBADF (Bad file descriptor) [pid 675] exit_group(0 [pid 677] <... futex resumed>) = ? [pid 675] <... exit_group resumed>) = ? [pid 677] +++ exited with 0 +++ [pid 675] +++ exited with 0 +++ [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=10, si_stime=15} --- [pid 676] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 678] <... futex resumed>) = 0 [pid 676] <... futex resumed>) = 1 [pid 293] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 678] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 676] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 678] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 678] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 676] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 676] close(3) = 0 [pid 293] <... openat resumed>) = 3 [pid 676] close(4) = 0 [pid 293] newfstatat(3, "", [pid 676] close(5 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 676] <... close resumed>) = 0 [pid 293] getdents64(3, [pid 676] close(6 [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 676] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 676] close(7) = -1 EBADF (Bad file descriptor) [pid 676] close(8) = -1 EBADF (Bad file descriptor) [pid 676] close(9) = -1 EBADF (Bad file descriptor) [pid 676] close(10) = -1 EBADF (Bad file descriptor) [pid 676] close(11) = -1 EBADF (Bad file descriptor) [pid 676] close(12) = -1 EBADF (Bad file descriptor) [pid 676] close(13) = -1 EBADF (Bad file descriptor) [pid 676] close(14) = -1 EBADF (Bad file descriptor) [pid 676] close(15) = -1 EBADF (Bad file descriptor) [pid 676] close(16) = -1 EBADF (Bad file descriptor) [pid 676] close(17) = -1 EBADF (Bad file descriptor) [pid 676] close(18) = -1 EBADF (Bad file descriptor) [pid 676] close(19) = -1 EBADF (Bad file descriptor) [pid 676] close(20) = -1 EBADF (Bad file descriptor) [pid 676] close(21) = -1 EBADF (Bad file descriptor) [pid 676] close(22) = -1 EBADF (Bad file descriptor) [pid 676] close(23) = -1 EBADF (Bad file descriptor) [pid 676] close(24) = -1 EBADF (Bad file descriptor) [pid 676] close(25) = -1 EBADF (Bad file descriptor) [pid 676] close(26) = -1 EBADF (Bad file descriptor) [pid 676] close(27) = -1 EBADF (Bad file descriptor) [pid 676] close(28) = -1 EBADF (Bad file descriptor) [pid 676] close(29) = -1 EBADF (Bad file descriptor) [pid 676] exit_group(0 [pid 678] <... futex resumed>) = ? [pid 676] <... exit_group resumed>) = ? [pid 678] +++ exited with 0 +++ [pid 676] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=26, si_uid=0, si_status=0, si_utime=6, si_stime=15} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 39.272718][ T677] F2FS-fs (loop2): switch discard_unit option is not allowed [ 39.289227][ T685] F2FS-fs (loop3): fault_injection options not supported [ 39.297395][ T685] F2FS-fs (loop3): fault_type options not supported [ 39.306239][ T680] F2FS-fs (loop0): Found nat_bits in checkpoint [ 39.316515][ T685] F2FS-fs (loop3): invalid crc value [pid 299] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 691] <... write resumed>) = 20699119 [pid 691] munmap(0x7fc71771c000, 138412032) = 0 [pid 691] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 691] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 691] close(3) = 0 [pid 691] close(4) = 0 [pid 691] mkdir("./file4", 0777) = 0 [ 39.383779][ T685] F2FS-fs (loop3): Found nat_bits in checkpoint [ 39.385902][ T691] loop1: detected capacity change from 0 to 40427 [ 39.398532][ T691] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 39.407310][ T691] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 39.420551][ T691] F2FS-fs (loop1): fault_injection options not supported [pid 691] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 680] <... mount resumed>) = 0 [pid 680] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 680] chdir("./file4") = 0 [pid 680] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 680] ioctl(4, LOOP_CLR_FD) = 0 [pid 680] close(4) = 0 [pid 680] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... futex resumed>) = 0 [pid 679] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 680] <... futex resumed>) = 1 [pid 680] fspick(AT_FDCWD, ".", 0) = 4 [pid 680] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... futex resumed>) = 0 [pid 679] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 680] <... futex resumed>) = 1 [pid 680] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 680] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... futex resumed>) = 0 [pid 679] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 680] <... futex resumed>) = 1 [pid 680] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 680] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... futex resumed>) = 0 [pid 679] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 679] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 680] <... futex resumed>) = 1 [pid 680] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 680] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 679] <... futex resumed>) = 0 [pid 679] close(3) = 0 [pid 679] close(4) = 0 [pid 679] close(5) = 0 [pid 679] close(6) = -1 EBADF (Bad file descriptor) [pid 679] close(7) = -1 EBADF (Bad file descriptor) [pid 679] close(8) = -1 EBADF (Bad file descriptor) [pid 679] close(9) = -1 EBADF (Bad file descriptor) [pid 679] close(10) = -1 EBADF (Bad file descriptor) [pid 679] close(11) = -1 EBADF (Bad file descriptor) [pid 679] close(12) = -1 EBADF (Bad file descriptor) [pid 679] close(13) = -1 EBADF (Bad file descriptor) [pid 679] close(14) = -1 EBADF (Bad file descriptor) [pid 679] close(15) = -1 EBADF (Bad file descriptor) [pid 679] close(16) = -1 EBADF (Bad file descriptor) [pid 679] close(17) = -1 EBADF (Bad file descriptor) [pid 679] close(18) = -1 EBADF (Bad file descriptor) [pid 679] close(19) = -1 EBADF (Bad file descriptor) [pid 679] close(20) = -1 EBADF (Bad file descriptor) [pid 679] close(21) = -1 EBADF (Bad file descriptor) [pid 679] close(22) = -1 EBADF (Bad file descriptor) [pid 679] close(23) = -1 EBADF (Bad file descriptor) [pid 679] close(24) = -1 EBADF (Bad file descriptor) [pid 679] close(25) = -1 EBADF (Bad file descriptor) [pid 679] close(26) = -1 EBADF (Bad file descriptor) [pid 679] close(27) = -1 EBADF (Bad file descriptor) [pid 679] close(28) = -1 EBADF (Bad file descriptor) [pid 679] close(29) = -1 EBADF (Bad file descriptor) [pid 679] exit_group(0) = ? [pid 680] <... futex resumed>) = ? [pid 680] +++ exited with 0 +++ [pid 679] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=27, si_uid=0, si_status=0, si_utime=4, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 39.430383][ T691] F2FS-fs (loop1): fault_type options not supported [ 39.445715][ T691] F2FS-fs (loop1): invalid crc value [ 39.451801][ T680] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 39.458941][ T680] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 39.468959][ T680] F2FS-fs (loop0): switch discard_unit option is not allowed [ 39.494829][ T691] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 294] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = 0 executing program [pid 685] <... mount resumed>) = 0 [pid 299] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./12/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./12/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./12/file4") = 0 [pid 299] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./12/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./12") = 0 [pid 299] mkdir("./13", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 28 ./strace-static-x86_64: Process 709 attached [pid 709] set_robust_list(0x5555875796a0, 24) = 0 [pid 709] chdir("./13") = 0 [pid 709] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 709] setpgid(0, 0) = 0 [pid 709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 709] write(3, "1000", 4) = 4 [pid 709] close(3) = 0 [pid 709] symlink("/dev/binderfs", "./binderfs") = 0 [pid 709] write(1, "executing program\n", 18) = 18 [pid 691] <... mount resumed>) = 0 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 709] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 709] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 709] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 691] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 709] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 691] chdir("./file4") = 0 [pid 709] rt_sigprocmask(SIG_BLOCK, ~[], [pid 691] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 691] ioctl(4, LOOP_CLR_FD) = 0 [pid 691] close(4) = 0 [pid 691] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 690] <... futex resumed>) = 0 [pid 709] <... rt_sigprocmask resumed>[], 8) = 0 [pid 709] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 691] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 709] <... clone3 resumed> => {parent_tid=[29]}, 88) = 29 [pid 709] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 709] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}executing program [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./12/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./12/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./12/file4") = 0 [pid 293] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./12/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./12") = 0 [pid 293] mkdir("./13", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 28 ./strace-static-x86_64: Process 711 attached [pid 711] set_robust_list(0x5555875796a0, 24) = 0 [pid 711] chdir("./13") = 0 [pid 711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 711] setpgid(0, 0) = 0 [pid 711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 711] write(3, "1000", 4) = 4 [pid 711] close(3) = 0 [pid 711] symlink("/dev/binderfs", "./binderfs") = 0 [pid 711] write(1, "executing program\n", 18) = 18 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 711] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 711] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 711] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 711] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 711] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[29]}, 88) = 29 [pid 711] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 711] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 712 attached [pid 712] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 712] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 712] memfd_create("syzkaller", 0) = 3 [pid 712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 690] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 691] <... futex resumed>) = 0 [pid 690] <... futex resumed>) = 1 [pid 685] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 691] fspick(AT_FDCWD, ".", 0) = 4 [pid 691] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 691] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 685] <... openat resumed>) = 3 [pid 690] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 685] chdir("./file4" [pid 690] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 685] <... chdir resumed>) = 0 [pid 691] <... futex resumed>) = 0 [pid 690] <... futex resumed>) = 1 [pid 685] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 39.562479][ T685] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 39.569749][ T685] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 39.580631][ T691] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 39.591380][ T691] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 691] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 685] <... openat resumed>) = 4 [pid 685] ioctl(4, LOOP_CLR_FD) = 0 [pid 685] close(4) = 0 [pid 685] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 684] <... futex resumed>) = 0 [pid 685] <... futex resumed>) = 1 [pid 684] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 685] fspick(AT_FDCWD, ".", 0) = 4 [pid 685] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 684] <... futex resumed>) = 0 [pid 684] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 685] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 691] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 691] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 691] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 690] <... futex resumed>) = 0 [pid 690] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 691] <... futex resumed>) = 0 [pid 690] <... futex resumed>) = 1 [pid 691] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 691] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 691] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 690] <... futex resumed>) = 0 [pid 690] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 691] <... futex resumed>) = 0 [pid 691] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 690] <... futex resumed>) = 1 [pid 691] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 690] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 691] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 690] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 691] <... futex resumed>) = 0 [pid 691] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 690] close(3) = 0 [pid 690] close(4) = 0 [pid 690] close(5) = 0 [pid 690] close(6) = -1 EBADF (Bad file descriptor) [pid 690] close(7) = -1 EBADF (Bad file descriptor) [pid 690] close(8) = -1 EBADF (Bad file descriptor) [pid 690] close(9) = -1 EBADF (Bad file descriptor) [pid 690] close(10) = -1 EBADF (Bad file descriptor) [pid 690] close(11) = -1 EBADF (Bad file descriptor) [pid 690] close(12) = -1 EBADF (Bad file descriptor) [pid 690] close(13) = -1 EBADF (Bad file descriptor) [pid 690] close(14) = -1 EBADF (Bad file descriptor) [pid 690] close(15) = -1 EBADF (Bad file descriptor) [pid 690] close(16) = -1 EBADF (Bad file descriptor) [pid 690] close(17) = -1 EBADF (Bad file descriptor) [pid 690] close(18) = -1 EBADF (Bad file descriptor) [pid 690] close(19) = -1 EBADF (Bad file descriptor) [pid 690] close(20) = -1 EBADF (Bad file descriptor) [pid 690] close(21) = -1 EBADF (Bad file descriptor) [pid 690] close(22) = -1 EBADF (Bad file descriptor) [pid 690] close(23) = -1 EBADF (Bad file descriptor) [pid 690] close(24) = -1 EBADF (Bad file descriptor) [pid 690] close(25) = -1 EBADF (Bad file descriptor) [pid 690] close(26) = -1 EBADF (Bad file descriptor) [pid 690] close(27) = -1 EBADF (Bad file descriptor) [pid 690] close(28) = -1 EBADF (Bad file descriptor) [pid 690] close(29) = -1 EBADF (Bad file descriptor) [pid 690] exit_group(0 [pid 691] <... futex resumed>) = ? [pid 690] <... exit_group resumed>) = ? [pid 691] +++ exited with 0 +++ [pid 690] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 710 attached [pid 685] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 710] set_robust_list(0x7fc71fb3c9a0, 24 [pid 685] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 710] <... set_robust_list resumed>) = 0 [pid 685] <... futex resumed>) = 1 [pid 684] <... futex resumed>) = 0 [pid 684] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] rt_sigprocmask(SIG_SETMASK, [], [pid 685] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 710] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 710] memfd_create("syzkaller", 0 [pid 685] <... open resumed>) = 5 [pid 710] <... memfd_create resumed>) = 3 [pid 685] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 685] <... futex resumed>) = 1 [pid 684] <... futex resumed>) = 0 [pid 684] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 684] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] <... mmap resumed>) = 0x7fc71771c000 [pid 685] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 685] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 684] <... futex resumed>) = 0 [pid 684] close(3) = 0 [pid 684] close(4) = 0 [pid 684] close(5) = 0 [pid 684] close(6) = -1 EBADF (Bad file descriptor) [pid 684] close(7) = -1 EBADF (Bad file descriptor) [pid 684] close(8) = -1 EBADF (Bad file descriptor) [pid 684] close(9) = -1 EBADF (Bad file descriptor) [pid 684] close(10) = -1 EBADF (Bad file descriptor) [pid 684] close(11) = -1 EBADF (Bad file descriptor) [pid 684] close(12) = -1 EBADF (Bad file descriptor) [pid 684] close(13) = -1 EBADF (Bad file descriptor) [pid 684] close(14) = -1 EBADF (Bad file descriptor) [pid 684] close(15) = -1 EBADF (Bad file descriptor) [pid 684] close(16) = -1 EBADF (Bad file descriptor) [pid 684] close(17) = -1 EBADF (Bad file descriptor) [pid 684] close(18) = -1 EBADF (Bad file descriptor) [pid 684] close(19) = -1 EBADF (Bad file descriptor) [pid 684] close(20) = -1 EBADF (Bad file descriptor) [pid 684] close(21) = -1 EBADF (Bad file descriptor) [pid 684] close(22) = -1 EBADF (Bad file descriptor) [pid 684] close(23) = -1 EBADF (Bad file descriptor) [pid 684] close(24) = -1 EBADF (Bad file descriptor) [pid 684] close(25) = -1 EBADF (Bad file descriptor) [pid 684] close(26) = -1 EBADF (Bad file descriptor) [pid 684] close(27) = -1 EBADF (Bad file descriptor) [pid 684] close(28) = -1 EBADF (Bad file descriptor) [pid 684] close(29) = -1 EBADF (Bad file descriptor) [pid 684] exit_group(0) = ? [ 39.627111][ T691] F2FS-fs (loop1): switch discard_unit option is not allowed [ 39.638139][ T685] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 685] +++ exited with 0 +++ [pid 684] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=10, si_stime=17} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./12/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./12/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./12/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./12/file4") = 0 [pid 294] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./12/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./12") = 0 [pid 294] mkdir("./13", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 29 ./strace-static-x86_64: Process 713 attached [pid 713] set_robust_list(0x5555875796a0, 24) = 0 [pid 713] chdir("./13") = 0 [pid 713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 713] setpgid(0, 0) = 0 [pid 713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 713] write(3, "1000", 4) = 4 [pid 713] close(3) = 0 [pid 713] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 713] write(1, "executing program\n", 18) = 18 [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 713] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 713] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 713] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 713] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 713] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[30]}, 88) = 30 [pid 713] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 713] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 714 attached [pid 714] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 714] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 714] memfd_create("syzkaller", 0) = 3 [pid 714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 712] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./13/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./13/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./13/file4") = 0 [pid 297] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./13/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./13") = 0 [pid 297] mkdir("./14", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 30 [pid 298] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 715 attached [pid 715] set_robust_list(0x5555875796a0, 24 [pid 298] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 715] <... set_robust_list resumed>) = 0 [pid 715] chdir("./14" [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 715] <... chdir resumed>) = 0 [pid 298] newfstatat(AT_FDCWD, "./13/file4", [pid 715] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 715] <... prctl resumed>) = 0 [pid 298] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 715] setpgid(0, 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 715] <... setpgid resumed>) = 0 [pid 298] openat(AT_FDCWD, "./13/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 298] <... openat resumed>) = 4 [pid 715] write(3, "1000", 4 [pid 298] newfstatat(4, "", [pid 715] <... write resumed>) = 4 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 715] close(3) = 0 [pid 298] getdents64(4, [pid 715] symlink("/dev/binderfs", "./binderfs" [pid 298] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 715] <... symlink resumed>) = 0 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 715] write(1, "executing program\n", 18executing program [pid 298] close(4 [pid 715] <... write resumed>) = 18 [pid 298] <... close resumed>) = 0 [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] rmdir("./13/file4" [pid 715] <... futex resumed>) = 0 [pid 298] <... rmdir resumed>) = 0 [pid 715] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 298] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 715] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 715] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] newfstatat(AT_FDCWD, "./13/binderfs", [pid 715] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 715] <... mmap resumed>) = 0x7fc71fb1c000 [pid 298] unlink("./13/binderfs") = 0 [pid 715] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./13" [pid 715] rt_sigprocmask(SIG_BLOCK, ~[], [pid 298] <... rmdir resumed>) = 0 [pid 715] <... rt_sigprocmask resumed>[], 8) = 0 [pid 715] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 298] mkdir("./14", 0777) = 0 [pid 715] <... clone3 resumed> => {parent_tid=[31]}, 88) = 31 [pid 715] rt_sigprocmask(SIG_SETMASK, [], [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 715] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 715] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] ioctl(3, LOOP_CLR_FD [pid 715] <... futex resumed>) = 0 [pid 298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 298] close(3) = 0 ./strace-static-x86_64: Process 716 attached [pid 716] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 716] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 716] memfd_create("syzkaller", 0) = 3 [pid 716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 30 [pid 712] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 717 attached [pid 712] munmap(0x7fc71771c000, 138412032) = 0 [pid 717] set_robust_list(0x5555875796a0, 24 [pid 712] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 717] <... set_robust_list resumed>) = 0 [pid 717] chdir("./14") = 0 [pid 712] <... openat resumed>) = 4 [pid 717] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 712] ioctl(4, LOOP_SET_FD, 3 [pid 717] <... prctl resumed>) = 0 [pid 717] setpgid(0, 0) = 0 [pid 717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 710] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 717] <... openat resumed>) = 3 [pid 717] write(3, "1000", 4) = 4 [pid 717] close(3) = 0 [pid 717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 717] write(1, "executing program\n", 18executing program ) = 18 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 717] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 717] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 717] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 717] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 717] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 717] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[31]}, 88) = 31 [pid 717] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 717] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 718 attached [pid 718] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 718] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 718] memfd_create("syzkaller", 0) = 3 [pid 718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 712] <... ioctl resumed>) = 0 [pid 712] close(3) = 0 [pid 712] close(4) = 0 [pid 712] mkdir("./file4", 0777) = 0 [pid 712] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 39.972674][ T712] loop2: detected capacity change from 0 to 40427 [ 40.002488][ T712] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 40.009575][ T712] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 40.048773][ T712] F2FS-fs (loop2): fault_injection options not supported [ 40.058886][ T712] F2FS-fs (loop2): fault_type options not supported [ 40.077740][ T712] F2FS-fs (loop2): invalid crc value [pid 714] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 714] munmap(0x7fc71771c000, 138412032) = 0 [pid 714] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 40.108659][ T712] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 714] ioctl(4, LOOP_SET_FD, 3 [pid 710] <... write resumed>) = 20699119 [pid 710] munmap(0x7fc71771c000, 138412032) = 0 [pid 714] <... ioctl resumed>) = 0 [pid 714] close(3 [pid 710] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 710] ioctl(4, LOOP_SET_FD, 3 [pid 714] <... close resumed>) = 0 [pid 714] close(4) = 0 [pid 714] mkdir("./file4", 0777) = 0 [pid 714] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 710] <... ioctl resumed>) = 0 [pid 710] close(3) = 0 [pid 710] close(4) = 0 [pid 710] mkdir("./file4", 0777) = 0 [ 40.155464][ T714] loop0: detected capacity change from 0 to 40427 [ 40.168571][ T710] loop4: detected capacity change from 0 to 40427 [ 40.180105][ T714] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 40.187093][ T710] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 40.194577][ T714] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 710] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 716] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 40.202981][ T710] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 40.220636][ T712] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 40.230098][ T710] F2FS-fs (loop4): fault_injection options not supported [ 40.237223][ T712] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 40.244914][ T710] F2FS-fs (loop4): fault_type options not supported [pid 718] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 712] <... mount resumed>) = 0 [pid 712] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 712] chdir("./file4") = 0 [pid 712] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 712] ioctl(4, LOOP_CLR_FD) = 0 [pid 712] close(4) = 0 [pid 712] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 711] <... futex resumed>) = 0 [pid 711] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 712] fspick(AT_FDCWD, ".", 0) = 4 [pid 712] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 711] <... futex resumed>) = 0 [pid 711] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 712] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 40.250398][ T714] F2FS-fs (loop0): fault_injection options not supported [ 40.258724][ T714] F2FS-fs (loop0): fault_type options not supported [ 40.259546][ T710] F2FS-fs (loop4): invalid crc value [ 40.285246][ T712] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 712] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 711] <... futex resumed>) = 0 [pid 711] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 712] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 712] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 711] <... futex resumed>) = 0 [pid 712] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 711] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 711] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 712] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 712] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 712] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 711] <... futex resumed>) = 0 [pid 711] close(3) = 0 [pid 712] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 711] close(4) = 0 [pid 711] close(5) = 0 [pid 711] close(6) = -1 EBADF (Bad file descriptor) [pid 711] close(7) = -1 EBADF (Bad file descriptor) [pid 711] close(8) = -1 EBADF (Bad file descriptor) [pid 711] close(9) = -1 EBADF (Bad file descriptor) [pid 711] close(10) = -1 EBADF (Bad file descriptor) [pid 711] close(11) = -1 EBADF (Bad file descriptor) [pid 711] close(12) = -1 EBADF (Bad file descriptor) [pid 711] close(13) = -1 EBADF (Bad file descriptor) [pid 711] close(14) = -1 EBADF (Bad file descriptor) [pid 711] close(15) = -1 EBADF (Bad file descriptor) [pid 711] close(16) = -1 EBADF (Bad file descriptor) [pid 711] close(17) = -1 EBADF (Bad file descriptor) [pid 711] close(18) = -1 EBADF (Bad file descriptor) [pid 711] close(19) = -1 EBADF (Bad file descriptor) [pid 711] close(20) = -1 EBADF (Bad file descriptor) [pid 711] close(21) = -1 EBADF (Bad file descriptor) [pid 711] close(22) = -1 EBADF (Bad file descriptor) [pid 711] close(23) = -1 EBADF (Bad file descriptor) [pid 711] close(24) = -1 EBADF (Bad file descriptor) [pid 711] close(25) = -1 EBADF (Bad file descriptor) [pid 711] close(26) = -1 EBADF (Bad file descriptor) [pid 711] close(27) = -1 EBADF (Bad file descriptor) [pid 711] close(28) = -1 EBADF (Bad file descriptor) [pid 711] close(29) = -1 EBADF (Bad file descriptor) [pid 711] exit_group(0 [pid 712] <... futex resumed>) = ? [pid 711] <... exit_group resumed>) = ? [pid 712] +++ exited with 0 +++ [pid 711] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=3, si_stime=13} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 40.302108][ T714] F2FS-fs (loop0): invalid crc value [ 40.329702][ T714] F2FS-fs (loop0): Found nat_bits in checkpoint [ 40.337221][ T710] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 293] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 718] <... write resumed>) = 20699119 [pid 718] munmap(0x7fc71771c000, 138412032) = 0 [pid 718] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 718] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 718] close(3) = 0 [pid 718] close(4) = 0 [pid 718] mkdir("./file4", 0777) = 0 [pid 718] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 716] <... write resumed>) = 20699119 [ 40.406972][ T718] loop3: detected capacity change from 0 to 40427 [ 40.432933][ T710] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 40.432960][ T718] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 40.444756][ T710] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 716] munmap(0x7fc71771c000, 138412032) = 0 [pid 714] <... mount resumed>) = 0 [pid 710] <... mount resumed>) = 0 [pid 716] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 714] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 710] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 716] <... openat resumed>) = 4 [pid 714] <... openat resumed>) = 3 [pid 710] <... openat resumed>) = 3 [pid 293] <... umount2 resumed>) = 0 [pid 716] ioctl(4, LOOP_SET_FD, 3 [pid 714] chdir("./file4" [pid 710] chdir("./file4" [pid 714] <... chdir resumed>) = 0 [pid 710] <... chdir resumed>) = 0 [pid 714] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 710] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 714] <... openat resumed>) = 4 [pid 710] <... openat resumed>) = 4 [pid 714] ioctl(4, LOOP_CLR_FD [pid 710] ioctl(4, LOOP_CLR_FD [pid 714] <... ioctl resumed>) = 0 [pid 710] <... ioctl resumed>) = 0 [pid 714] close(4 [pid 710] close(4 [pid 714] <... close resumed>) = 0 [pid 710] <... close resumed>) = 0 [pid 714] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 710] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] <... futex resumed>) = 1 [pid 710] <... futex resumed>) = 1 [pid 714] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 710] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./13/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./13/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./13/file4") = 0 [pid 293] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 716] <... ioctl resumed>) = 0 [pid 293] unlink("./13/binderfs") = 0 [pid 716] close(3 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 716] <... close resumed>) = 0 [pid 716] close(4 [pid 293] close(3) = 0 [pid 716] <... close resumed>) = 0 [pid 293] rmdir("./13") = 0 [pid 716] mkdir("./file4", 0777) = 0 [pid 293] mkdir("./14", 0777 [pid 716] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] <... mkdir resumed>) = 0 [pid 713] <... futex resumed>) = 0 [pid 709] <... futex resumed>) = 0 [ 40.455770][ T714] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 40.463205][ T714] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 40.470867][ T718] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 40.479689][ T718] F2FS-fs (loop3): fault_injection options not supported [ 40.487817][ T716] loop1: detected capacity change from 0 to 40427 [ 40.488198][ T718] F2FS-fs (loop3): fault_type options not supported [pid 713] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] <... futex resumed>) = 0 [pid 713] <... futex resumed>) = 1 [pid 710] <... futex resumed>) = 0 [pid 709] <... futex resumed>) = 1 [pid 714] fspick(AT_FDCWD, ".", 0 [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] fspick(AT_FDCWD, ".", 0 [pid 714] <... fspick resumed>) = 4 [pid 710] <... fspick resumed>) = 4 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 710] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 714] <... futex resumed>) = 1 [pid 713] <... futex resumed>) = 0 [pid 710] <... futex resumed>) = 0 [pid 709] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 714] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 710] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 709] <... futex resumed>) = 0 [pid 714] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 713] <... futex resumed>) = 0 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 30 [pid 710] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] <... futex resumed>) = 0 [pid 709] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] <... futex resumed>) = 1 [pid 710] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 710] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] <... futex resumed>) = 0 [pid 709] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 709] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 710] <... futex resumed>) = 1 [pid 710] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 710] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 709] <... futex resumed>) = 0 [pid 709] close(3) = 0 [pid 709] close(4) = 0 [pid 709] close(5) = 0 [pid 709] close(6) = -1 EBADF (Bad file descriptor) [pid 709] close(7) = -1 EBADF (Bad file descriptor) [pid 709] close(8) = -1 EBADF (Bad file descriptor) [pid 709] close(9) = -1 EBADF (Bad file descriptor) [pid 709] close(10) = -1 EBADF (Bad file descriptor) [pid 709] close(11) = -1 EBADF (Bad file descriptor) [pid 709] close(12) = -1 EBADF (Bad file descriptor) [pid 709] close(13) = -1 EBADF (Bad file descriptor) [pid 709] close(14./strace-static-x86_64: Process 731 attached [pid 714] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 709] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 709] close(15) = -1 EBADF (Bad file descriptor) [pid 709] close(16) = -1 EBADF (Bad file descriptor) [pid 709] close(17) = -1 EBADF (Bad file descriptor) [pid 709] close(18) = -1 EBADF (Bad file descriptor) [pid 709] close(19 [pid 710] <... futex resumed>) = 1 [pid 709] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 710] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 709] close(20) = -1 EBADF (Bad file descriptor) [pid 709] close(21) = -1 EBADF (Bad file descriptor) [pid 709] close(22) = -1 EBADF (Bad file descriptor) [pid 709] close(23) = -1 EBADF (Bad file descriptor) [pid 709] close(24) = -1 EBADF (Bad file descriptor) [pid 709] close(25) = -1 EBADF (Bad file descriptor) [pid 709] close(26) = -1 EBADF (Bad file descriptor) [pid 709] close(27) = -1 EBADF (Bad file descriptor) [pid 709] close(28) = -1 EBADF (Bad file descriptor) [pid 709] close(29) = -1 EBADF (Bad file descriptor) [pid 709] exit_group(0 [pid 710] <... futex resumed>) = ? [pid 709] <... exit_group resumed>) = ? [pid 710] +++ exited with 0 +++ [pid 709] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=28, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [ 40.509145][ T710] F2FS-fs (loop4): switch discard_unit option is not allowed [ 40.517095][ T714] F2FS-fs (loop0): switch discard_unit option is not allowed [ 40.530972][ T716] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 40.539122][ T718] F2FS-fs (loop3): invalid crc value [ 40.545611][ T716] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 731] set_robust_list(0x5555875796a0, 24 [pid 714] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... restart_syscall resumed>) = 0 [pid 299] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 731] <... set_robust_list resumed>) = 0 [pid 714] <... futex resumed>) = 1 [pid 713] <... futex resumed>) = 0 [pid 299] <... openat resumed>) = 3 [pid 713] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] newfstatat(3, "", [pid 713] <... futex resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 731] chdir("./14") = 0 [pid 731] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 731] setpgid(0, 0) = 0 [pid 731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 731] write(3, "1000", 4) = 4 [pid 731] close(3executing program ) = 0 [pid 731] symlink("/dev/binderfs", "./binderfs") = 0 [pid 731] write(1, "executing program\n", 18) = 18 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 731] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 731] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 731] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 731] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 731] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 731] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[31]}, 88) = 31 [pid 731] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 731] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 714] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000./strace-static-x86_64: Process 734 attached ) = 5 [pid 734] set_robust_list(0x7fc71fb3c9a0, 24 [pid 714] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 734] <... set_robust_list resumed>) = 0 [pid 734] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 714] <... futex resumed>) = 1 [pid 713] <... futex resumed>) = 0 [pid 734] memfd_create("syzkaller", 0) = 3 [pid 734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 714] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 734] <... mmap resumed>) = 0x7fc71771c000 [pid 714] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 713] <... futex resumed>) = 0 [pid 714] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 713] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 714] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 714] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 713] <... futex resumed>) = 0 [pid 714] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 713] close(3) = 0 [pid 713] close(4) = 0 [pid 713] close(5) = 0 [pid 713] close(6) = -1 EBADF (Bad file descriptor) [pid 713] close(7) = -1 EBADF (Bad file descriptor) [pid 713] close(8) = -1 EBADF (Bad file descriptor) [pid 713] close(9) = -1 EBADF (Bad file descriptor) [pid 713] close(10) = -1 EBADF (Bad file descriptor) [pid 713] close(11) = -1 EBADF (Bad file descriptor) [pid 713] close(12) = -1 EBADF (Bad file descriptor) [pid 713] close(13) = -1 EBADF (Bad file descriptor) [pid 713] close(14) = -1 EBADF (Bad file descriptor) [pid 713] close(15) = -1 EBADF (Bad file descriptor) [pid 713] close(16) = -1 EBADF (Bad file descriptor) [pid 713] close(17) = -1 EBADF (Bad file descriptor) [pid 713] close(18) = -1 EBADF (Bad file descriptor) [pid 713] close(19) = -1 EBADF (Bad file descriptor) [pid 713] close(20) = -1 EBADF (Bad file descriptor) [pid 713] close(21) = -1 EBADF (Bad file descriptor) [pid 713] close(22) = -1 EBADF (Bad file descriptor) [pid 713] close(23) = -1 EBADF (Bad file descriptor) [pid 713] close(24) = -1 EBADF (Bad file descriptor) [pid 713] close(25) = -1 EBADF (Bad file descriptor) [pid 713] close(26) = -1 EBADF (Bad file descriptor) [pid 713] close(27) = -1 EBADF (Bad file descriptor) [pid 713] close(28) = -1 EBADF (Bad file descriptor) [pid 713] close(29) = -1 EBADF (Bad file descriptor) [pid 713] exit_group(0) = ? [pid 714] <... futex resumed>) = ? [pid 714] +++ exited with 0 +++ [pid 713] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29, si_uid=0, si_status=0, si_utime=9, si_stime=18} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 40.554893][ T716] F2FS-fs (loop1): fault_injection options not supported [ 40.563950][ T716] F2FS-fs (loop1): fault_type options not supported [ 40.572375][ T716] F2FS-fs (loop1): invalid crc value [ 40.579372][ T718] F2FS-fs (loop3): Found nat_bits in checkpoint [ 40.617484][ T716] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 294] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 718] <... mount resumed>) = 0 [pid 718] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 718] chdir("./file4") = 0 [pid 718] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 718] ioctl(4, LOOP_CLR_FD) = 0 [pid 718] close(4) = 0 [pid 716] <... mount resumed>) = 0 [pid 716] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 716] chdir("./file4") = 0 [pid 716] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 716] ioctl(4, LOOP_CLR_FD) = 0 [pid 716] close(4) = 0 [pid 716] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] <... futex resumed>) = 1 [pid 716] fspick(AT_FDCWD, ".", 0) = 4 [pid 718] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 717] <... futex resumed>) = 0 [pid 717] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] <... futex resumed>) = 1 [pid 716] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 40.700914][ T718] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 40.717986][ T716] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 40.718684][ T718] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 40.734753][ T716] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 718] fspick(AT_FDCWD, ".", 0) = 4 [pid 718] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 717] <... futex resumed>) = 0 [pid 717] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 718] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 716] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 716] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] <... futex resumed>) = 1 [pid 716] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 716] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 715] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 716] <... futex resumed>) = 1 [pid 716] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 716] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 715] <... futex resumed>) = 0 [pid 715] close(3) = 0 [pid 715] close(4) = 0 [pid 715] close(5) = 0 [pid 715] close(6) = -1 EBADF (Bad file descriptor) [pid 715] close(7) = -1 EBADF (Bad file descriptor) [pid 715] close(8) = -1 EBADF (Bad file descriptor) [pid 715] close(9) = -1 EBADF (Bad file descriptor) [pid 715] close(10) = -1 EBADF (Bad file descriptor) [pid 715] close(11) = -1 EBADF (Bad file descriptor) [pid 715] close(12) = -1 EBADF (Bad file descriptor) [pid 715] close(13) = -1 EBADF (Bad file descriptor) [pid 715] close(14) = -1 EBADF (Bad file descriptor) [pid 715] close(15) = -1 EBADF (Bad file descriptor) [pid 715] close(16) = -1 EBADF (Bad file descriptor) [pid 715] close(17) = -1 EBADF (Bad file descriptor) [pid 715] close(18) = -1 EBADF (Bad file descriptor) [pid 715] close(19) = -1 EBADF (Bad file descriptor) [pid 715] close(20) = -1 EBADF (Bad file descriptor) [pid 715] close(21) = -1 EBADF (Bad file descriptor) [pid 715] close(22) = -1 EBADF (Bad file descriptor) [pid 715] close(23) = -1 EBADF (Bad file descriptor) [pid 715] close(24) = -1 EBADF (Bad file descriptor) [pid 715] close(25) = -1 EBADF (Bad file descriptor) [pid 715] close(26) = -1 EBADF (Bad file descriptor) [pid 715] close(27) = -1 EBADF (Bad file descriptor) [pid 715] close(28) = -1 EBADF (Bad file descriptor) [pid 715] close(29) = -1 EBADF (Bad file descriptor) [pid 715] exit_group(0) = ? [pid 716] <... futex resumed>) = ? [pid 716] +++ exited with 0 +++ [pid 715] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 734] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 718] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 717] <... futex resumed>) = 0 [pid 717] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... restart_syscall resumed>) = 0 [pid 718] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 717] <... futex resumed>) = 0 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 40.761387][ T716] F2FS-fs (loop1): switch discard_unit option is not allowed [ 40.770816][ T718] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 297] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 718] <... open resumed>) = 5 [pid 294] <... umount2 resumed>) = 0 [pid 718] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 718] <... futex resumed>) = 1 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 717] <... futex resumed>) = 0 [pid 717] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 717] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 718] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 294] newfstatat(AT_FDCWD, "./13/file4", [pid 718] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 718] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 718] <... futex resumed>) = 1 [pid 717] <... futex resumed>) = 0 [pid 717] close(3) = 0 [pid 294] openat(AT_FDCWD, "./13/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 718] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 717] close(4) = 0 [pid 717] close(5) = 0 [pid 717] close(6 [pid 294] <... openat resumed>) = 4 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] newfstatat(4, "", [pid 717] close(7 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 717] close(8 [pid 294] getdents64(4, [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 717] close(9 [pid 294] close(4 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... close resumed>) = 0 [pid 717] close(10 [pid 294] rmdir("./13/file4" [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... rmdir resumed>) = 0 [pid 717] close(11 [pid 294] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 717] close(12 [pid 294] newfstatat(AT_FDCWD, "./13/binderfs", [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 717] close(13 [pid 294] unlink("./13/binderfs" [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 717] close(14 [pid 294] <... unlink resumed>) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] getdents64(3, [pid 717] close(15 [pid 294] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] close(3 [pid 717] close(16 [pid 294] <... close resumed>) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] rmdir("./13" [pid 717] close(17 [pid 294] <... rmdir resumed>) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] mkdir("./14", 0777 [pid 717] close(18) = -1 EBADF (Bad file descriptor) [pid 294] <... mkdir resumed>) = 0 [pid 717] close(19 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 717] close(20 [pid 294] <... openat resumed>) = 3 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] ioctl(3, LOOP_CLR_FD [pid 717] close(21) = -1 EBADF (Bad file descriptor) [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 717] close(22 [pid 294] close(3 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 717] close(23 [pid 294] <... close resumed>) = 0 [pid 717] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 717] close(24) = -1 EBADF (Bad file descriptor) [pid 717] close(25) = -1 EBADF (Bad file descriptor) [pid 717] close(26) = -1 EBADF (Bad file descriptor) [pid 717] close(27) = -1 EBADF (Bad file descriptor) [pid 717] close(28) = -1 EBADF (Bad file descriptor) [pid 717] close(29) = -1 EBADF (Bad file descriptor) [pid 717] exit_group(0) = ? [pid 718] <... futex resumed>) = ? [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 718] +++ exited with 0 +++ [pid 717] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 31 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./13/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./13/file4", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program ) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./13/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./13/file4") = 0 [pid 299] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./13/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./13") = 0 [pid 299] mkdir("./14", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 30 ./strace-static-x86_64: Process 741 attached [pid 741] set_robust_list(0x5555875796a0, 24) = 0 [pid 741] chdir("./14") = 0 [pid 741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 741] setpgid(0, 0) = 0 [pid 741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 741] write(3, "1000", 4) = 4 [pid 741] close(3) = 0 [pid 741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 741] write(1, "executing program\n", 18) = 18 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 741] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 741] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 741] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 741] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 741] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[32]}, 88) = 32 [pid 741] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 741] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 743 attached [pid 743] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 743] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 743] memfd_create("syzkaller", 0) = 3 [pid 743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 40.802843][ T297] bio_check_eod: 14 callbacks suppressed [ 40.802863][ T297] syz-executor248: attempt to access beyond end of device [ 40.802863][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 298] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 742 attached [pid 742] set_robust_list(0x5555875796a0, 24) = 0 [pid 742] chdir("./14") = 0 [pid 742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 742] setpgid(0, 0) = 0 [pid 742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 742] write(3, "1000", 4) = 4 [pid 742] close(3) = 0 [pid 742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 742] write(1, "executing program\n", 18executing program ) = 18 [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 742] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 742] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 742] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 742] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 742] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[31]}, 88) = 31 [pid 742] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 742] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 744 attached [pid 744] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 744] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 744] memfd_create("syzkaller", 0) = 3 [pid 744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 40.847459][ T298] syz-executor248: attempt to access beyond end of device [ 40.847459][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 734] <... write resumed>) = 20699119 [pid 734] munmap(0x7fc71771c000, 138412032) = 0 [pid 734] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 734] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 734] close(3) = 0 [pid 734] close(4) = 0 [pid 734] mkdir("./file4", 0777) = 0 [ 40.943208][ T734] loop2: detected capacity change from 0 to 40427 [ 40.965934][ T734] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 40.980829][ T734] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 41.021753][ T734] F2FS-fs (loop2): fault_injection options not supported [ 41.030493][ T734] F2FS-fs (loop2): fault_type options not supported [ 41.049903][ T734] F2FS-fs (loop2): invalid crc value [pid 734] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 744] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = 0 [pid 297] <... umount2 resumed>) = 0 [pid 298] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./14/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./14/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./14/file4") = 0 [pid 298] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./14/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./14") = 0 [pid 298] mkdir("./15", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 32 ./strace-static-x86_64: Process 748 attached [pid 748] set_robust_list(0x5555875796a0, 24) = 0 [pid 748] chdir("./15") = 0 [pid 748] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 748] setpgid(0, 0) = 0 [pid 748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 297] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 748] write(3, "1000", 4) = 4 [pid 297] newfstatat(AT_FDCWD, "./14/file4", [pid 748] close(3 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 748] <... close resumed>) = 0 [pid 748] symlink("/dev/binderfs", "./binderfs" [pid 297] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 748] <... symlink resumed>) = 0 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./14/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", [pid 748] write(1, "executing program\n", 18 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 executing program [pid 748] <... write resumed>) = 18 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] close(4) = 0 [pid 748] <... futex resumed>) = 0 [pid 748] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 297] rmdir("./14/file4" [pid 748] <... rt_sigaction resumed>NULL, 8) = 0 [pid 297] <... rmdir resumed>) = 0 [pid 748] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 748] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 297] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 748] <... mmap resumed>) = 0x7fc71fb1c000 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 748] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 297] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./14/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3 [pid 748] rt_sigprocmask(SIG_BLOCK, ~[], [pid 297] <... close resumed>) = 0 [pid 297] rmdir("./14") = 0 [pid 748] <... rt_sigprocmask resumed>[], 8) = 0 [pid 748] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 297] mkdir("./15", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 748] <... clone3 resumed> => {parent_tid=[33]}, 88) = 33 [pid 748] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 297] ioctl(3, LOOP_CLR_FD [pid 748] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 748] <... futex resumed>) = 0 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [ 41.081367][ T734] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 32 [pid 743] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 750 attached [pid 750] set_robust_list(0x5555875796a0, 24) = 0 [pid 750] chdir("./15"./strace-static-x86_64: Process 749 attached ) = 0 [pid 749] set_robust_list(0x7fc71fb3c9a0, 24 [pid 750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 750] setpgid(0, 0) = 0 [pid 749] <... set_robust_list resumed>) = 0 [pid 749] rt_sigprocmask(SIG_SETMASK, [], [pid 750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 749] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 750] <... openat resumed>) = 3 [pid 750] write(3, "1000", 4 [pid 749] memfd_create("syzkaller", 0 [pid 750] <... write resumed>) = 4 [pid 750] close(3) = 0 [pid 750] symlink("/dev/binderfs", "./binderfs" [pid 749] <... memfd_create resumed>) = 3 [pid 749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 executing program [pid 750] <... symlink resumed>) = 0 [pid 750] write(1, "executing program\n", 18) = 18 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 750] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 750] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 750] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 750] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 750] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[33]}, 88) = 33 [pid 750] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 750] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 751 attached [pid 751] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 751] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 751] memfd_create("syzkaller", 0) = 3 [pid 751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 743] <... write resumed>) = 20699119 [pid 743] munmap(0x7fc71771c000, 138412032) = 0 [pid 743] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 743] ioctl(4, LOOP_SET_FD, 3 [pid 734] <... mount resumed>) = 0 [pid 734] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 734] chdir("./file4") = 0 [pid 734] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 734] ioctl(4, LOOP_CLR_FD) = 0 [pid 734] close(4) = 0 [pid 734] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 731] <... futex resumed>) = 0 [pid 731] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 734] fspick(AT_FDCWD, ".", 0 [pid 731] <... futex resumed>) = 0 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 734] <... fspick resumed>) = 4 [pid 734] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 731] <... futex resumed>) = 0 [pid 731] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 734] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 731] <... futex resumed>) = 0 [ 41.190640][ T734] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 41.217930][ T734] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 41.219095][ T743] loop0: detected capacity change from 0 to 40427 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 743] <... ioctl resumed>) = 0 [pid 743] close(3) = 0 [pid 743] close(4) = 0 [pid 743] mkdir("./file4", 0777) = 0 [pid 743] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 734] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [ 41.244891][ T734] F2FS-fs (loop2): switch discard_unit option is not allowed [ 41.260470][ T743] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 41.278350][ T743] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 734] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 731] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 731] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 744] <... write resumed>) = 20699119 [pid 744] munmap(0x7fc71771c000, 138412032) = 0 [pid 734] <... futex resumed>) = 0 [pid 731] <... futex resumed>) = 0 [pid 734] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 744] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 744] ioctl(4, LOOP_SET_FD, 3 [pid 734] <... open resumed>) = 5 [pid 734] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 731] <... futex resumed>) = 0 [pid 731] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 734] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 731] <... futex resumed>) = 0 [pid 734] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 731] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 734] <... futex resumed>) = 0 [pid 731] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 731] close(3 [pid 734] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 731] <... close resumed>) = 0 [pid 731] close(4) = 0 [pid 731] close(5) = 0 [pid 731] close(6) = -1 EBADF (Bad file descriptor) [pid 731] close(7) = -1 EBADF (Bad file descriptor) [pid 731] close(8) = -1 EBADF (Bad file descriptor) [pid 731] close(9) = -1 EBADF (Bad file descriptor) [pid 731] close(10) = -1 EBADF (Bad file descriptor) [pid 731] close(11) = -1 EBADF (Bad file descriptor) [pid 731] close(12) = -1 EBADF (Bad file descriptor) [pid 731] close(13) = -1 EBADF (Bad file descriptor) [pid 731] close(14) = -1 EBADF (Bad file descriptor) [pid 731] close(15) = -1 EBADF (Bad file descriptor) [pid 731] close(16) = -1 EBADF (Bad file descriptor) [pid 731] close(17) = -1 EBADF (Bad file descriptor) [pid 731] close(18) = -1 EBADF (Bad file descriptor) [pid 731] close(19) = -1 EBADF (Bad file descriptor) [pid 731] close(20) = -1 EBADF (Bad file descriptor) [pid 731] close(21) = -1 EBADF (Bad file descriptor) [pid 731] close(22) = -1 EBADF (Bad file descriptor) [pid 731] close(23) = -1 EBADF (Bad file descriptor) [pid 731] close(24) = -1 EBADF (Bad file descriptor) [pid 731] close(25) = -1 EBADF (Bad file descriptor) [pid 731] close(26) = -1 EBADF (Bad file descriptor) [pid 731] close(27) = -1 EBADF (Bad file descriptor) [pid 731] close(28) = -1 EBADF (Bad file descriptor) [pid 731] close(29) = -1 EBADF (Bad file descriptor) [pid 731] exit_group(0 [pid 734] <... futex resumed>) = ? [pid 731] <... exit_group resumed>) = ? [pid 734] +++ exited with 0 +++ [pid 731] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=4, si_stime=16} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 41.291558][ T743] F2FS-fs (loop0): fault_injection options not supported [ 41.306970][ T743] F2FS-fs (loop0): fault_type options not supported [ 41.314887][ T744] loop4: detected capacity change from 0 to 40427 [ 41.329739][ T743] F2FS-fs (loop0): invalid crc value [pid 293] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 744] <... ioctl resumed>) = 0 [pid 744] close(3) = 0 [pid 744] close(4) = 0 [pid 744] mkdir("./file4", 0777) = 0 [ 41.342693][ T293] syz-executor248: attempt to access beyond end of device [ 41.342693][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 41.343328][ T744] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 41.366355][ T744] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 41.376741][ T743] F2FS-fs (loop0): Found nat_bits in checkpoint [ 41.387011][ T744] F2FS-fs (loop4): fault_injection options not supported [pid 744] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 41.408317][ T744] F2FS-fs (loop4): fault_type options not supported [ 41.419534][ T744] F2FS-fs (loop4): invalid crc value [pid 749] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 751] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 743] <... mount resumed>) = 0 [pid 743] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 743] chdir("./file4") = 0 [pid 743] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 743] ioctl(4, LOOP_CLR_FD) = 0 [ 41.455066][ T744] F2FS-fs (loop4): Found nat_bits in checkpoint [ 41.461832][ T743] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 41.468981][ T743] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 743] close(4) = 0 [pid 743] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = 0 [pid 741] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 743] <... futex resumed>) = 1 [pid 743] fspick(AT_FDCWD, ".", 0) = 4 [pid 743] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = 0 [pid 741] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 743] <... futex resumed>) = 1 [pid 743] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 743] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = 0 [pid 741] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 743] <... futex resumed>) = 1 [pid 743] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 743] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = 0 [pid 741] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 741] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 743] <... futex resumed>) = 1 [pid 743] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 743] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 741] <... futex resumed>) = 0 [pid 741] close(3) = 0 [pid 741] close(4) = 0 [pid 741] close(5) = 0 [pid 741] close(6) = -1 EBADF (Bad file descriptor) [pid 741] close(7) = -1 EBADF (Bad file descriptor) [pid 741] close(8) = -1 EBADF (Bad file descriptor) [pid 741] close(9) = -1 EBADF (Bad file descriptor) [pid 741] close(10) = -1 EBADF (Bad file descriptor) [pid 741] close(11) = -1 EBADF (Bad file descriptor) [pid 741] close(12) = -1 EBADF (Bad file descriptor) [pid 741] close(13) = -1 EBADF (Bad file descriptor) [pid 741] close(14) = -1 EBADF (Bad file descriptor) [pid 741] close(15) = -1 EBADF (Bad file descriptor) [pid 741] close(16) = -1 EBADF (Bad file descriptor) [pid 741] close(17) = -1 EBADF (Bad file descriptor) [pid 741] close(18) = -1 EBADF (Bad file descriptor) [pid 741] close(19) = -1 EBADF (Bad file descriptor) [pid 741] close(20) = -1 EBADF (Bad file descriptor) [pid 741] close(21) = -1 EBADF (Bad file descriptor) [pid 741] close(22) = -1 EBADF (Bad file descriptor) [pid 741] close(23) = -1 EBADF (Bad file descriptor) [pid 741] close(24) = -1 EBADF (Bad file descriptor) [pid 741] close(25) = -1 EBADF (Bad file descriptor) [pid 741] close(26) = -1 EBADF (Bad file descriptor) [pid 741] close(27) = -1 EBADF (Bad file descriptor) [pid 741] close(28) = -1 EBADF (Bad file descriptor) [pid 741] close(29) = -1 EBADF (Bad file descriptor) [pid 741] exit_group(0) = ? [pid 743] <... futex resumed>) = ? [pid 743] +++ exited with 0 +++ [pid 741] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=31, si_uid=0, si_status=0, si_utime=10, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 41.500075][ T743] F2FS-fs (loop0): switch discard_unit option is not allowed [ 41.541709][ T294] syz-executor248: attempt to access beyond end of device [ 41.541709][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 41.578104][ T744] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 294] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 744] <... mount resumed>) = 0 [pid 744] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 744] chdir("./file4") = 0 [pid 744] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 293] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 744] ioctl(4, LOOP_CLR_FD) = 0 [pid 744] close(4) = 0 [pid 744] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 744] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 742] <... futex resumed>) = 0 [pid 742] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 744] <... futex resumed>) = 0 [pid 742] <... futex resumed>) = 1 [pid 744] fspick(AT_FDCWD, ".", 0 [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 744] <... fspick resumed>) = 4 [pid 744] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 744] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 742] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 742] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 744] <... futex resumed>) = 0 [pid 742] <... futex resumed>) = 1 [ 41.588001][ T744] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 744] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./14/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./14/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 744] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 744] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... openat resumed>) = 4 [pid 744] <... futex resumed>) = 1 [pid 744] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 742] <... futex resumed>) = 0 [pid 293] newfstatat(4, "", [pid 749] <... write resumed>) = 20699119 [pid 744] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 742] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 749] munmap(0x7fc71771c000, 138412032 [pid 744] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 742] <... futex resumed>) = 0 [pid 293] getdents64(4, [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 744] <... open resumed>) = 5 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./14/file4") = 0 [pid 293] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 749] <... munmap resumed>) = 0 [pid 744] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] unlink("./14/binderfs" [pid 749] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 744] <... futex resumed>) = 1 [pid 742] <... futex resumed>) = 0 [pid 749] <... openat resumed>) = 4 [pid 744] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 742] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... unlink resumed>) = 0 [pid 749] ioctl(4, LOOP_SET_FD, 3 [pid 744] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 742] <... futex resumed>) = 0 [pid 293] getdents64(3, [pid 744] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 742] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 742] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] close(3 [pid 742] close(3 [pid 293] <... close resumed>) = 0 [pid 742] <... close resumed>) = 0 [pid 293] rmdir("./14" [pid 742] close(4 [pid 293] <... rmdir resumed>) = 0 [pid 742] <... close resumed>) = 0 [pid 293] mkdir("./15", 0777 [pid 742] close(5 [pid 293] <... mkdir resumed>) = 0 [pid 742] <... close resumed>) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 742] close(6 [pid 293] <... openat resumed>) = 3 [pid 742] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] ioctl(3, LOOP_CLR_FD [pid 742] close(7 [pid 293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 742] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] close(3 [pid 742] close(8 [pid 293] <... close resumed>) = 0 [pid 744] <... futex resumed>) = 0 [pid 742] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 744] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 742] close(9) = -1 EBADF (Bad file descriptor) [pid 293] <... clone resumed>, child_tidptr=0x555587579690) = 32 [pid 742] close(10) = -1 EBADF (Bad file descriptor) [pid 742] close(11) = -1 EBADF (Bad file descriptor) [pid 742] close(12) = -1 EBADF (Bad file descriptor) [pid 742] close(13) = -1 EBADF (Bad file descriptor) [pid 742] close(14) = -1 EBADF (Bad file descriptor) [pid 742] close(15) = -1 EBADF (Bad file descriptor) [pid 742] close(16) = -1 EBADF (Bad file descriptor) [pid 742] close(17) = -1 EBADF (Bad file descriptor) [pid 742] close(18) = -1 EBADF (Bad file descriptor) [pid 742] close(19) = -1 EBADF (Bad file descriptor) [pid 742] close(20) = -1 EBADF (Bad file descriptor) [pid 742] close(21) = -1 EBADF (Bad file descriptor) [pid 742] close(22) = -1 EBADF (Bad file descriptor) [pid 742] close(23) = -1 EBADF (Bad file descriptor) [pid 742] close(24) = -1 EBADF (Bad file descriptor) [pid 742] close(25) = -1 EBADF (Bad file descriptor) [pid 742] close(26) = -1 EBADF (Bad file descriptor) [pid 742] close(27) = -1 EBADF (Bad file descriptor) [pid 742] close(28) = -1 EBADF (Bad file descriptor) [pid 742] close(29) = -1 EBADF (Bad file descriptor) [pid 742] exit_group(0./strace-static-x86_64: Process 761 attached [pid 744] <... futex resumed>) = ? [pid 742] <... exit_group resumed>) = ? [pid 761] set_robust_list(0x5555875796a0, 24 [pid 744] +++ exited with 0 +++ [pid 742] +++ exited with 0 +++ [pid 761] <... set_robust_list resumed>) = 0 [pid 761] chdir("./15" [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=30, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [pid 761] <... chdir resumed>) = 0 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 761] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 299] <... restart_syscall resumed>) = 0 [pid 761] <... prctl resumed>) = 0 [pid 761] setpgid(0, 0 [pid 751] <... write resumed>) = 20699119 [pid 749] <... ioctl resumed>) = 0 [pid 761] <... setpgid resumed>) = 0 [pid 299] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 761] <... openat resumed>) = 3 [pid 299] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 761] write(3, "1000", 4 [pid 299] <... openat resumed>) = 3 [pid 761] <... write resumed>) = 4 [pid 299] newfstatat(3, "", [pid 761] close(3 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 761] <... close resumed>) = 0 [pid 299] getdents64(3, [pid 761] symlink("/dev/binderfs", "./binderfs" [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 executing program [pid 761] <... symlink resumed>) = 0 [pid 299] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 761] write(1, "executing program\n", 18) = 18 [ 41.621782][ T744] F2FS-fs (loop4): switch discard_unit option is not allowed [ 41.646833][ T749] loop3: detected capacity change from 0 to 40427 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 761] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 749] close(3 [pid 761] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 749] <... close resumed>) = 0 [pid 761] <... mmap resumed>) = 0x7fc71fb1c000 [pid 749] close(4 [pid 761] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 749] <... close resumed>) = 0 [pid 761] <... mprotect resumed>) = 0 [pid 749] mkdir("./file4", 0777 [pid 761] rt_sigprocmask(SIG_BLOCK, ~[], [pid 749] <... mkdir resumed>) = 0 [pid 761] <... rt_sigprocmask resumed>[], 8) = 0 [pid 749] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 761] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[33]}, 88) = 33 [pid 761] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 761] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 751] munmap(0x7fc71771c000, 138412032./strace-static-x86_64: Process 762 attached [pid 762] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 762] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 762] memfd_create("syzkaller", 0) = 3 [pid 762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 751] <... munmap resumed>) = 0 [pid 751] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 41.670011][ T299] syz-executor248: attempt to access beyond end of device [ 41.670011][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 41.686936][ T749] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 41.698012][ T749] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 41.707633][ T751] loop1: detected capacity change from 0 to 40427 [pid 751] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 751] close(3) = 0 [pid 751] close(4) = 0 [pid 751] mkdir("./file4", 0777) = 0 [ 41.730420][ T749] F2FS-fs (loop3): fault_injection options not supported [ 41.739728][ T751] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 41.747293][ T751] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 41.755709][ T749] F2FS-fs (loop3): fault_type options not supported [ 41.765329][ T749] F2FS-fs (loop3): invalid crc value [pid 751] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./14/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./14/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./14/file4") = 0 [pid 294] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 41.790490][ T751] F2FS-fs (loop1): fault_injection options not supported [ 41.807697][ T749] F2FS-fs (loop3): Found nat_bits in checkpoint [ 41.811537][ T751] F2FS-fs (loop1): fault_type options not supported [pid 294] unlink("./14/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./14") = 0 [pid 294] mkdir("./15", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 33 ./strace-static-x86_64: Process 766 attached [pid 766] set_robust_list(0x5555875796a0, 24) = 0 [pid 766] chdir("./15") = 0 [pid 766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 766] setpgid(0, 0) = 0 [pid 766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 766] write(3, "1000", 4) = 4 [pid 766] close(3) = 0 [pid 766] symlink("/dev/binderfs", "./binderfs") = 0 [pid 766] write(1, "executing program\n", 18executing program ) = 18 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 766] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 766] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 766] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 766] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 766] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 766] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[34]}, 88) = 34 [pid 766] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 766] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 768 attached [pid 768] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 768] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 768] memfd_create("syzkaller", 0) = 3 [pid 768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 41.837096][ T751] F2FS-fs (loop1): invalid crc value [pid 762] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 749] <... mount resumed>) = 0 [pid 749] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 749] chdir("./file4") = 0 [pid 749] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 749] ioctl(4, LOOP_CLR_FD) = 0 [pid 749] close(4) = 0 [pid 749] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 748] <... futex resumed>) = 0 [pid 749] fspick(AT_FDCWD, ".", 0 [pid 748] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 749] <... fspick resumed>) = 4 [pid 748] <... futex resumed>) = 0 [pid 749] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 749] <... futex resumed>) = 0 [pid 748] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 749] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 748] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 299] <... umount2 resumed>) = 0 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 749] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 749] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 748] <... futex resumed>) = 0 [pid 748] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 749] <... futex resumed>) = 1 [pid 749] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./14/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./14/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 749] <... open resumed>) = 5 [pid 299] openat(AT_FDCWD, "./14/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 749] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 748] <... futex resumed>) = 0 [pid 748] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 748] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 749] <... futex resumed>) = 1 [pid 749] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 299] <... openat resumed>) = 4 [pid 299] newfstatat(4, "", [pid 749] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 749] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 748] <... futex resumed>) = 0 [pid 748] close(3) = 0 [pid 748] close(4) = 0 [pid 748] close(5 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 748] <... close resumed>) = 0 [pid 748] close(6) = -1 EBADF (Bad file descriptor) [pid 748] close(7) = -1 EBADF (Bad file descriptor) [pid 748] close(8) = -1 EBADF (Bad file descriptor) [pid 748] close(9) = -1 EBADF (Bad file descriptor) [pid 748] close(10) = -1 EBADF (Bad file descriptor) [pid 748] close(11) = -1 EBADF (Bad file descriptor) [pid 748] close(12) = -1 EBADF (Bad file descriptor) [pid 748] close(13) = -1 EBADF (Bad file descriptor) [pid 748] close(14) = -1 EBADF (Bad file descriptor) [pid 299] getdents64(4, [pid 748] close(15) = -1 EBADF (Bad file descriptor) [pid 748] close(16) = -1 EBADF (Bad file descriptor) [pid 748] close(17) = -1 EBADF (Bad file descriptor) [pid 748] close(18) = -1 EBADF (Bad file descriptor) [pid 299] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 748] close(19) = -1 EBADF (Bad file descriptor) [pid 748] close(20) = -1 EBADF (Bad file descriptor) [pid 748] close(21) = -1 EBADF (Bad file descriptor) [pid 748] close(22) = -1 EBADF (Bad file descriptor) [pid 748] close(23) = -1 EBADF (Bad file descriptor) [pid 748] close(24 [pid 299] getdents64(4, [pid 748] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 748] close(25) = -1 EBADF (Bad file descriptor) [pid 748] close(26) = -1 EBADF (Bad file descriptor) [pid 748] close(27) = -1 EBADF (Bad file descriptor) [pid 748] close(28) = -1 EBADF (Bad file descriptor) [pid 748] close(29) = -1 EBADF (Bad file descriptor) [pid 748] exit_group(0) = ? [pid 749] <... futex resumed>) = ? [pid 749] +++ exited with 0 +++ [pid 748] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 299] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 299] rmdir("./14/file4") = 0 [pid 298] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] getdents64(3, [pid 299] newfstatat(AT_FDCWD, "./14/binderfs", [pid 298] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 41.886933][ T751] F2FS-fs (loop1): Found nat_bits in checkpoint [ 41.894759][ T749] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 41.912574][ T749] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 41.922001][ T749] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 299] unlink("./14/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./14") = 0 [pid 299] mkdir("./15", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 32 ./strace-static-x86_64: Process 773 attached [pid 773] set_robust_list(0x5555875796a0, 24) = 0 [pid 773] chdir("./15") = 0 [pid 773] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 773] setpgid(0, 0) = 0 executing program [pid 773] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 773] write(3, "1000", 4) = 4 [pid 773] close(3) = 0 [pid 773] symlink("/dev/binderfs", "./binderfs") = 0 [pid 773] write(1, "executing program\n", 18) = 18 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 773] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 773] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 773] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 773] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 773] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 773] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[33]}, 88) = 33 [pid 773] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 773] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 774 attached [pid 774] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 774] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 774] memfd_create("syzkaller", 0) = 3 [pid 774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 751] <... mount resumed>) = 0 [pid 751] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 751] chdir("./file4") = 0 [pid 751] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 751] ioctl(4, LOOP_CLR_FD) = 0 [ 41.963496][ T298] syz-executor248: attempt to access beyond end of device [ 41.963496][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 41.989768][ T751] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 41.998726][ T751] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 751] close(4) = 0 [pid 751] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 751] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 750] <... futex resumed>) = 0 [pid 750] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 751] fspick(AT_FDCWD, ".", 0) = 4 [pid 751] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 750] <... futex resumed>) = 0 [pid 750] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 751] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 750] <... futex resumed>) = 0 [pid 750] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 751] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 750] <... futex resumed>) = 0 [pid 750] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 750] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 751] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 751] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 750] <... futex resumed>) = 0 [pid 750] close(3) = 0 [pid 750] close(4) = 0 [pid 750] close(5) = 0 [pid 750] close(6) = -1 EBADF (Bad file descriptor) [pid 750] close(7) = -1 EBADF (Bad file descriptor) [pid 750] close(8 [pid 751] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 750] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 750] close(9) = -1 EBADF (Bad file descriptor) [pid 750] close(10) = -1 EBADF (Bad file descriptor) [pid 750] close(11) = -1 EBADF (Bad file descriptor) [pid 750] close(12) = -1 EBADF (Bad file descriptor) [pid 750] close(13) = -1 EBADF (Bad file descriptor) [pid 750] close(14) = -1 EBADF (Bad file descriptor) [pid 750] close(15) = -1 EBADF (Bad file descriptor) [pid 750] close(16) = -1 EBADF (Bad file descriptor) [pid 750] close(17) = -1 EBADF (Bad file descriptor) [pid 750] close(18) = -1 EBADF (Bad file descriptor) [pid 750] close(19) = -1 EBADF (Bad file descriptor) [pid 750] close(20) = -1 EBADF (Bad file descriptor) [pid 750] close(21) = -1 EBADF (Bad file descriptor) [pid 750] close(22) = -1 EBADF (Bad file descriptor) [pid 750] close(23) = -1 EBADF (Bad file descriptor) [pid 750] close(24) = -1 EBADF (Bad file descriptor) [pid 750] close(25) = -1 EBADF (Bad file descriptor) [pid 750] close(26) = -1 EBADF (Bad file descriptor) [pid 750] close(27) = -1 EBADF (Bad file descriptor) [pid 750] close(28) = -1 EBADF (Bad file descriptor) [pid 750] close(29) = -1 EBADF (Bad file descriptor) [pid 750] exit_group(0 [pid 751] <... futex resumed>) = ? [pid 750] <... exit_group resumed>) = ? [pid 751] +++ exited with 0 +++ [pid 750] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=8, si_stime=18} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 768] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 762] <... write resumed>) = 20699119 [pid 762] munmap(0x7fc71771c000, 138412032) = 0 [pid 762] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 42.061673][ T751] F2FS-fs (loop1): switch discard_unit option is not allowed [ 42.096343][ T297] syz-executor248: attempt to access beyond end of device [ 42.096343][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 762] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 762] close(3) = 0 [pid 762] close(4) = 0 [pid 762] mkdir("./file4", 0777) = 0 [ 42.125442][ T762] loop2: detected capacity change from 0 to 40427 [ 42.157364][ T762] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 762] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 42.189682][ T762] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 42.220160][ T762] F2FS-fs (loop2): fault_injection options not supported [pid 774] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 768] <... write resumed>) = 20699119 [pid 768] munmap(0x7fc71771c000, 138412032) = 0 [pid 768] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 768] ioctl(4, LOOP_SET_FD, 3 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./15/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./15/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./15/file4") = 0 [pid 298] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./15/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./15") = 0 [pid 298] mkdir("./16", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3 [pid 768] <... ioctl resumed>) = 0 [pid 768] close(3) = 0 [pid 768] close(4) = 0 [pid 768] mkdir("./file4", 0777) = 0 [ 42.240343][ T762] F2FS-fs (loop2): fault_type options not supported [ 42.260230][ T762] F2FS-fs (loop2): invalid crc value [ 42.266207][ T768] loop0: detected capacity change from 0 to 40427 [pid 768] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... close resumed>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 34 executing program ./strace-static-x86_64: Process 778 attached [pid 778] set_robust_list(0x5555875796a0, 24) = 0 [pid 778] chdir("./16") = 0 [pid 778] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 778] setpgid(0, 0) = 0 [pid 778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 778] write(3, "1000", 4) = 4 [pid 778] close(3) = 0 [pid 778] symlink("/dev/binderfs", "./binderfs") = 0 [pid 778] write(1, "executing program\n", 18) = 18 [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 778] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 778] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 778] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 778] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 778] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 778] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[35]}, 88) = 35 [pid 778] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 778] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 779 attached [pid 779] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 779] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 779] memfd_create("syzkaller", 0) = 3 [pid 779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./15/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./15/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./15/file4") = 0 [pid 297] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./15/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./15") = 0 [pid 297] mkdir("./16", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 42.286469][ T768] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 42.301820][ T768] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 42.311702][ T762] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 34 ./strace-static-x86_64: Process 780 attached [pid 780] set_robust_list(0x5555875796a0, 24) = 0 [pid 780] chdir("./16") = 0 [pid 780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 780] setpgid(0, 0) = 0 [pid 780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 780] write(3, "1000", 4) = 4 [pid 780] close(3) = 0 [pid 780] symlink("/dev/binderfs", "./binderfs") = 0 [pid 780] write(1, "executing program\n", 18executing program ) = 18 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 780] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 780] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 780] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 780] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 780] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[35]}, 88) = 35 [pid 780] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 780] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 781 attached [pid 781] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 781] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 781] memfd_create("syzkaller", 0) = 3 [pid 781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 42.341605][ T768] F2FS-fs (loop0): fault_injection options not supported [ 42.349550][ T768] F2FS-fs (loop0): fault_type options not supported [ 42.399037][ T768] F2FS-fs (loop0): invalid crc value [pid 781] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 774] <... write resumed>) = 20699119 [ 42.430159][ T768] F2FS-fs (loop0): Found nat_bits in checkpoint [ 42.465396][ T762] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [pid 774] munmap(0x7fc71771c000, 138412032) = 0 [pid 774] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 774] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 774] close(3) = 0 [pid 774] close(4 [pid 762] <... mount resumed>) = 0 [pid 774] <... close resumed>) = 0 [pid 762] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 774] mkdir("./file4", 0777 [pid 762] <... openat resumed>) = 3 [pid 774] <... mkdir resumed>) = 0 [pid 762] chdir("./file4") = 0 [ 42.480375][ T762] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 42.490832][ T774] loop4: detected capacity change from 0 to 40427 [pid 774] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 762] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 762] ioctl(4, LOOP_CLR_FD) = 0 [pid 762] close(4) = 0 [pid 762] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 761] <... futex resumed>) = 0 [pid 761] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 762] fspick(AT_FDCWD, ".", 0) = 4 [pid 762] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 761] <... futex resumed>) = 0 [pid 761] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 762] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 781] <... write resumed>) = 20699119 [pid 781] munmap(0x7fc71771c000, 138412032) = 0 [ 42.522540][ T774] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 42.529585][ T774] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 42.549753][ T762] F2FS-fs (loop2): switch discard_unit option is not allowed [ 42.556864][ T768] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 42.559379][ T774] F2FS-fs (loop4): fault_injection options not supported [pid 762] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 762] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 761] <... futex resumed>) = 0 [pid 762] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 761] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 781] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 762] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 762] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 781] <... openat resumed>) = 4 [pid 781] ioctl(4, LOOP_SET_FD, 3 [pid 762] <... open resumed>) = 5 [pid 781] <... ioctl resumed>) = 0 [pid 762] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 781] close(3) = 0 [pid 781] close(4) = 0 [pid 781] mkdir("./file4", 0777) = 0 [pid 781] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 762] <... futex resumed>) = 1 [pid 761] <... futex resumed>) = 0 [pid 761] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 761] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 762] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 762] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 762] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 761] <... futex resumed>) = 0 [pid 761] close(3) = 0 [pid 761] close(4) = 0 [pid 761] close(5) = 0 [pid 761] close(6) = -1 EBADF (Bad file descriptor) [pid 761] close(7) = -1 EBADF (Bad file descriptor) [pid 761] close(8) = -1 EBADF (Bad file descriptor) [pid 761] close(9) = -1 EBADF (Bad file descriptor) [pid 761] close(10) = -1 EBADF (Bad file descriptor) [pid 761] close(11) = -1 EBADF (Bad file descriptor) [pid 761] close(12) = -1 EBADF (Bad file descriptor) [pid 761] close(13) = -1 EBADF (Bad file descriptor) [pid 761] close(14) = -1 EBADF (Bad file descriptor) [pid 761] close(15) = -1 EBADF (Bad file descriptor) [pid 761] close(16) = -1 EBADF (Bad file descriptor) [pid 761] close(17) = -1 EBADF (Bad file descriptor) [pid 761] close(18) = -1 EBADF (Bad file descriptor) [pid 761] close(19) = -1 EBADF (Bad file descriptor) [pid 761] close(20) = -1 EBADF (Bad file descriptor) [pid 761] close(21) = -1 EBADF (Bad file descriptor) [pid 761] close(22) = -1 EBADF (Bad file descriptor) [pid 761] close(23) = -1 EBADF (Bad file descriptor) [pid 761] close(24) = -1 EBADF (Bad file descriptor) [pid 761] close(25) = -1 EBADF (Bad file descriptor) [pid 761] close(26) = -1 EBADF (Bad file descriptor) [pid 761] close(27) = -1 EBADF (Bad file descriptor) [pid 761] close(28) = -1 EBADF (Bad file descriptor) [pid 761] close(29) = -1 EBADF (Bad file descriptor) [pid 761] exit_group(0 [pid 762] <... futex resumed>) = ? [pid 761] <... exit_group resumed>) = ? [pid 762] +++ exited with 0 +++ [pid 761] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=8, si_stime=20} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 779] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... restart_syscall resumed>) = 0 [ 42.570950][ T768] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 42.580958][ T781] loop1: detected capacity change from 0 to 40427 [ 42.587928][ T774] F2FS-fs (loop4): fault_type options not supported [ 42.592008][ T781] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 42.603239][ T774] F2FS-fs (loop4): invalid crc value [pid 768] <... mount resumed>) = 0 [pid 768] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 768] <... openat resumed>) = 3 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 768] chdir("./file4" [pid 293] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 768] <... chdir resumed>) = 0 [pid 768] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 293] <... openat resumed>) = 3 [pid 768] <... openat resumed>) = 4 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 768] ioctl(4, LOOP_CLR_FD [pid 293] getdents64(3, [pid 768] <... ioctl resumed>) = 0 [pid 768] close(4 [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 768] <... close resumed>) = 0 [pid 293] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 768] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 766] <... futex resumed>) = 0 [pid 768] fspick(AT_FDCWD, ".", 0 [pid 766] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 768] <... fspick resumed>) = 4 [pid 766] <... futex resumed>) = 0 [ 42.620133][ T781] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 42.641006][ T293] syz-executor248: attempt to access beyond end of device [ 42.641006][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.648695][ T781] F2FS-fs (loop1): fault_injection options not supported [ 42.663269][ T774] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 768] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 768] <... futex resumed>) = 0 [pid 766] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 768] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 766] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 768] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 766] <... futex resumed>) = 0 [pid 768] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 768] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 768] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 766] <... futex resumed>) = 0 [pid 768] <... futex resumed>) = 1 [pid 768] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 766] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 768] <... open resumed>) = 5 [pid 768] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 766] <... futex resumed>) = 0 [pid 766] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 768] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 766] <... futex resumed>) = 0 [pid 766] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 768] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 768] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 766] <... futex resumed>) = 0 [pid 768] <... futex resumed>) = 1 [pid 766] close(3 [pid 768] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 766] <... close resumed>) = 0 [pid 766] close(4) = 0 [pid 766] close(5) = 0 [pid 766] close(6) = -1 EBADF (Bad file descriptor) [pid 766] close(7) = -1 EBADF (Bad file descriptor) [pid 766] close(8) = -1 EBADF (Bad file descriptor) [pid 766] close(9) = -1 EBADF (Bad file descriptor) [pid 766] close(10) = -1 EBADF (Bad file descriptor) [pid 766] close(11) = -1 EBADF (Bad file descriptor) [pid 766] close(12) = -1 EBADF (Bad file descriptor) [pid 766] close(13) = -1 EBADF (Bad file descriptor) [pid 766] close(14) = -1 EBADF (Bad file descriptor) [pid 766] close(15) = -1 EBADF (Bad file descriptor) [pid 766] close(16) = -1 EBADF (Bad file descriptor) [pid 766] close(17) = -1 EBADF (Bad file descriptor) [pid 766] close(18) = -1 EBADF (Bad file descriptor) [pid 766] close(19) = -1 EBADF (Bad file descriptor) [pid 766] close(20) = -1 EBADF (Bad file descriptor) [pid 766] close(21) = -1 EBADF (Bad file descriptor) [pid 766] close(22) = -1 EBADF (Bad file descriptor) [pid 766] close(23) = -1 EBADF (Bad file descriptor) [pid 766] close(24) = -1 EBADF (Bad file descriptor) [pid 766] close(25) = -1 EBADF (Bad file descriptor) [pid 766] close(26) = -1 EBADF (Bad file descriptor) [pid 766] close(27) = -1 EBADF (Bad file descriptor) [pid 766] close(28) = -1 EBADF (Bad file descriptor) [pid 766] close(29) = -1 EBADF (Bad file descriptor) [pid 766] exit_group(0) = ? [pid 768] <... futex resumed>) = ? [pid 768] +++ exited with 0 +++ [pid 766] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=33, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 42.663564][ T781] F2FS-fs (loop1): fault_type options not supported [ 42.678693][ T768] F2FS-fs (loop0): switch discard_unit option is not allowed [ 42.704564][ T781] F2FS-fs (loop1): invalid crc value [pid 294] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 779] <... write resumed>) = 20699119 [pid 779] munmap(0x7fc71771c000, 138412032) = 0 [pid 779] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 42.722850][ T294] syz-executor248: attempt to access beyond end of device [ 42.722850][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.751381][ T774] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 42.758472][ T774] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 42.766079][ T779] loop3: detected capacity change from 0 to 40427 [pid 779] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 774] <... mount resumed>) = 0 [pid 779] close(3 [pid 774] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 779] <... close resumed>) = 0 [pid 774] <... openat resumed>) = 3 [pid 779] close(4 [pid 774] chdir("./file4" [pid 779] <... close resumed>) = 0 [pid 774] <... chdir resumed>) = 0 [pid 779] mkdir("./file4", 0777 [pid 774] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 779] <... mkdir resumed>) = 0 [pid 774] <... openat resumed>) = 4 [pid 779] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 774] ioctl(4, LOOP_CLR_FD) = 0 [pid 774] close(4) = 0 [pid 774] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 773] <... futex resumed>) = 0 [pid 773] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 774] fspick(AT_FDCWD, ".", 0 [pid 773] <... futex resumed>) = 0 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 774] <... fspick resumed>) = 4 [pid 774] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 773] <... futex resumed>) = 0 [pid 773] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 42.771291][ T781] F2FS-fs (loop1): Found nat_bits in checkpoint [ 42.787592][ T779] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 42.808175][ T774] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 774] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 774] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 773] <... futex resumed>) = 0 [pid 773] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 774] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 774] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 773] <... futex resumed>) = 0 [pid 773] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 773] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 774] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 774] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 773] <... futex resumed>) = 0 [pid 773] close(3) = 0 [pid 773] close(4) = 0 [pid 773] close(5 [pid 774] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 773] <... close resumed>) = 0 [pid 773] close(6) = -1 EBADF (Bad file descriptor) [pid 773] close(7) = -1 EBADF (Bad file descriptor) [pid 773] close(8) = -1 EBADF (Bad file descriptor) [pid 773] close(9) = -1 EBADF (Bad file descriptor) [pid 773] close(10) = -1 EBADF (Bad file descriptor) [pid 773] close(11) = -1 EBADF (Bad file descriptor) [pid 773] close(12) = -1 EBADF (Bad file descriptor) [pid 773] close(13) = -1 EBADF (Bad file descriptor) [pid 773] close(14) = -1 EBADF (Bad file descriptor) [pid 773] close(15) = -1 EBADF (Bad file descriptor) [pid 773] close(16) = -1 EBADF (Bad file descriptor) [pid 773] close(17) = -1 EBADF (Bad file descriptor) [pid 773] close(18) = -1 EBADF (Bad file descriptor) [pid 773] close(19) = -1 EBADF (Bad file descriptor) [pid 773] close(20) = -1 EBADF (Bad file descriptor) [pid 773] close(21) = -1 EBADF (Bad file descriptor) [pid 773] close(22) = -1 EBADF (Bad file descriptor) [pid 773] close(23) = -1 EBADF (Bad file descriptor) [pid 773] close(24) = -1 EBADF (Bad file descriptor) [pid 773] close(25) = -1 EBADF (Bad file descriptor) [pid 773] close(26) = -1 EBADF (Bad file descriptor) [pid 773] close(27) = -1 EBADF (Bad file descriptor) [pid 773] close(28) = -1 EBADF (Bad file descriptor) [pid 773] close(29) = -1 EBADF (Bad file descriptor) [pid 773] exit_group(0) = ? [pid 774] <... futex resumed>) = ? [pid 774] +++ exited with 0 +++ [pid 773] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=32, si_uid=0, si_status=0, si_utime=8, si_stime=18} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 42.820324][ T779] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 299] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 42.849961][ T779] F2FS-fs (loop3): fault_injection options not supported [ 42.857709][ T299] syz-executor248: attempt to access beyond end of device [ 42.857709][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.861055][ T779] F2FS-fs (loop3): fault_type options not supported [ 42.891807][ T781] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [pid 299] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 781] <... mount resumed>) = 0 [pid 781] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 781] chdir("./file4") = 0 [pid 781] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 781] ioctl(4, LOOP_CLR_FD) = 0 [pid 781] close(4) = 0 [pid 781] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 780] <... futex resumed>) = 0 [pid 780] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 781] <... futex resumed>) = 1 [pid 781] fspick(AT_FDCWD, ".", 0) = 4 [pid 781] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 780] <... futex resumed>) = 0 [pid 780] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 781] <... futex resumed>) = 1 [pid 781] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./15/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./15/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./15/file4") = 0 [pid 293] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./15/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [ 42.899801][ T779] F2FS-fs (loop3): invalid crc value [ 42.905325][ T781] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 42.926128][ T781] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 293] close(3) = 0 [pid 293] rmdir("./15") = 0 [pid 293] mkdir("./16", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 34 [pid 781] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 781] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 780] <... futex resumed>) = 0 [pid 780] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 781] <... futex resumed>) = 1 [pid 781] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 781] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 780] <... futex resumed>) = 0 [pid 780] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 780] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 781] <... futex resumed>) = 1 [pid 781] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 781] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 780] <... futex resumed>) = 0 [pid 780] close(3) = 0 [pid 780] close(4) = 0 [pid 780] close(5) = 0 [pid 780] close(6) = -1 EBADF (Bad file descriptor) [pid 780] close(7) = -1 EBADF (Bad file descriptor) [pid 780] close(8) = -1 EBADF (Bad file descriptor) [pid 780] close(9) = -1 EBADF (Bad file descriptor) [pid 780] close(10) = -1 EBADF (Bad file descriptor) [pid 780] close(11) = -1 EBADF (Bad file descriptor) [pid 780] close(12) = -1 EBADF (Bad file descriptor) [pid 780] close(13) = -1 EBADF (Bad file descriptor) [pid 780] close(14) = -1 EBADF (Bad file descriptor) [pid 780] close(15) = -1 EBADF (Bad file descriptor) [pid 780] close(16) = -1 EBADF (Bad file descriptor) [pid 780] close(17) = -1 EBADF (Bad file descriptor) [pid 780] close(18) = -1 EBADF (Bad file descriptor) [pid 780] close(19) = -1 EBADF (Bad file descriptor) [pid 780] close(20) = -1 EBADF (Bad file descriptor) [pid 780] close(21) = -1 EBADF (Bad file descriptor) [pid 780] close(22) = -1 EBADF (Bad file descriptor) [pid 780] close(23) = -1 EBADF (Bad file descriptor) [pid 780] close(24) = -1 EBADF (Bad file descriptor) [pid 780] close(25) = -1 EBADF (Bad file descriptor) [pid 780] close(26) = -1 EBADF (Bad file descriptor) [pid 780] close(27) = -1 EBADF (Bad file descriptor) [pid 780] close(28) = -1 EBADF (Bad file descriptor) [pid 780] close(29) = -1 EBADF (Bad file descriptor) [pid 780] exit_group(0) = ? [pid 781] <... futex resumed>) = ? [pid 781] +++ exited with 0 +++ [pid 780] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=7, si_stime=14} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 798 attached [pid 798] set_robust_list(0x5555875796a0, 24) = 0 [pid 798] chdir("./16"executing program ) = 0 [pid 798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 798] setpgid(0, 0) = 0 [pid 798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 798] write(3, "1000", 4) = 4 [pid 798] close(3) = 0 [pid 798] symlink("/dev/binderfs", "./binderfs") = 0 [pid 798] write(1, "executing program\n", 18) = 18 [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 798] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 798] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 798] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 798] rt_sigprocmask(SIG_BLOCK, ~[], [pid 297] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 798] <... rt_sigprocmask resumed>[], 8) = 0 [pid 297] <... openat resumed>) = 3 [pid 798] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 798] <... clone3 resumed> => {parent_tid=[35]}, 88) = 35 ./strace-static-x86_64: Process 799 attached [pid 799] set_robust_list(0x7fc71fb3c9a0, 24 [pid 798] rt_sigprocmask(SIG_SETMASK, [], [pid 294] <... umount2 resumed>) = 0 [pid 799] <... set_robust_list resumed>) = 0 [pid 798] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 294] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 799] rt_sigprocmask(SIG_SETMASK, [], [pid 798] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 799] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 798] <... futex resumed>) = 0 [pid 799] memfd_create("syzkaller", 0 [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 294] newfstatat(AT_FDCWD, "./15/file4", [pid 799] <... memfd_create resumed>) = 3 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 294] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./15/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./15/file4") = 0 [ 42.946436][ T779] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 294] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./15/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./15") = 0 [pid 294] mkdir("./16", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 35 ./strace-static-x86_64: Process 800 attached [pid 800] set_robust_list(0x5555875796a0, 24) = 0 [pid 800] chdir("./16") = 0 [pid 800] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 800] setpgid(0, 0) = 0 [pid 800] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 800] write(3, "1000", 4) = 4 [pid 800] close(3) = 0 [pid 800] symlink("/dev/binderfs", "./binderfs") = 0 [pid 800] write(1, "executing program\n", 18executing program ) = 18 [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 800] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 800] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 800] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 800] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 800] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 800] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[36]}, 88) = 36 [pid 800] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 800] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 801 attached [pid 801] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 801] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 801] memfd_create("syzkaller", 0) = 3 [pid 801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 779] <... mount resumed>) = 0 [pid 779] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 779] chdir("./file4") = 0 [pid 779] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 779] ioctl(4, LOOP_CLR_FD) = 0 [pid 779] close(4) = 0 [pid 779] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 778] <... futex resumed>) = 0 [pid 779] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 778] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 779] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 778] <... futex resumed>) = 0 [pid 779] fspick(AT_FDCWD, ".", 0 [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 779] <... fspick resumed>) = 4 [pid 779] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 778] <... futex resumed>) = 0 [pid 779] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 778] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 779] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 778] <... futex resumed>) = 0 [pid 779] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 779] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 779] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 778] <... futex resumed>) = 0 [pid 779] <... futex resumed>) = 1 [pid 778] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 779] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 778] <... futex resumed>) = 0 [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 779] <... open resumed>) = 5 [pid 779] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 778] <... futex resumed>) = 0 [pid 779] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 778] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 779] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 778] <... futex resumed>) = 0 [pid 779] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 778] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 779] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 779] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 779] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 778] <... futex resumed>) = 0 [pid 778] close(3) = 0 [pid 778] close(4) = 0 [pid 778] close(5) = 0 [pid 778] close(6) = -1 EBADF (Bad file descriptor) [pid 778] close(7) = -1 EBADF (Bad file descriptor) [pid 778] close(8) = -1 EBADF (Bad file descriptor) [pid 778] close(9) = -1 EBADF (Bad file descriptor) [pid 778] close(10) = -1 EBADF (Bad file descriptor) [pid 778] close(11) = -1 EBADF (Bad file descriptor) [pid 778] close(12) = -1 EBADF (Bad file descriptor) [pid 778] close(13) = -1 EBADF (Bad file descriptor) [pid 778] close(14) = -1 EBADF (Bad file descriptor) [pid 778] close(15) = -1 EBADF (Bad file descriptor) [pid 778] close(16) = -1 EBADF (Bad file descriptor) [pid 778] close(17) = -1 EBADF (Bad file descriptor) [pid 778] close(18) = -1 EBADF (Bad file descriptor) [pid 778] close(19) = -1 EBADF (Bad file descriptor) [pid 778] close(20) = -1 EBADF (Bad file descriptor) [pid 778] close(21) = -1 EBADF (Bad file descriptor) [pid 778] close(22) = -1 EBADF (Bad file descriptor) [pid 778] close(23) = -1 EBADF (Bad file descriptor) [pid 778] close(24) = -1 EBADF (Bad file descriptor) [pid 778] close(25) = -1 EBADF (Bad file descriptor) [pid 778] close(26) = -1 EBADF (Bad file descriptor) [pid 778] close(27) = -1 EBADF (Bad file descriptor) [pid 778] close(28) = -1 EBADF (Bad file descriptor) [pid 778] close(29) = -1 EBADF (Bad file descriptor) [pid 778] exit_group(0 [pid 779] <... futex resumed>) = ? [pid 778] <... exit_group resumed>) = ? [pid 779] +++ exited with 0 +++ [pid 778] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=5, si_stime=13} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 43.040616][ T779] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 43.047981][ T779] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 43.071541][ T779] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 799] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./15/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./15/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./15/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./15/file4") = 0 [pid 299] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./15/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./15") = 0 [pid 299] mkdir("./16", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 34 ./strace-static-x86_64: Process 803 attached [pid 803] set_robust_list(0x5555875796a0, 24) = 0 [pid 803] chdir("./16") = 0 [pid 803] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 803] setpgid(0, 0) = 0 [pid 803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 803] write(3, "1000", 4) = 4 [pid 803] close(3) = 0 [pid 803] symlink("/dev/binderfs", "./binderfs") = 0 [pid 803] write(1, "executing program\n", 18executing program ) = 18 [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 803] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 803] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 803] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 803] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 803] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 803] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[35]}, 88) = 35 [pid 803] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 803] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 804 attached [pid 804] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 804] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 804] memfd_create("syzkaller", 0) = 3 [pid 804] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./16/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./16/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./16/file4") = 0 [pid 297] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./16/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./16") = 0 [pid 297] mkdir("./17", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 36 ./strace-static-x86_64: Process 805 attached [pid 805] set_robust_list(0x5555875796a0, 24) = 0 [pid 805] chdir("./17") = 0 [pid 805] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 805] setpgid(0, 0) = 0 [pid 805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 805] write(3, "1000", 4) = 4 [pid 805] close(3) = 0 [pid 805] symlink("/dev/binderfs", "./binderfs") = 0 [pid 805] write(1, "executing program\n", 18executing program ) = 18 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 805] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 805] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 805] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 805] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 805] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 805] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[37]}, 88) = 37 [pid 805] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 805] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 806 attached [pid 806] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 806] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 806] memfd_create("syzkaller", 0) = 3 [pid 806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./16/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./16/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./16/file4") = 0 [pid 298] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./16/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./16") = 0 [pid 298] mkdir("./17", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 36 [pid 801] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 807 attached [pid 807] set_robust_list(0x5555875796a0, 24) = 0 [pid 807] chdir("./17") = 0 [pid 807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 807] setpgid(0, 0) = 0 [pid 807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 807] write(3, "1000", 4) = 4 [pid 807] close(3) = 0 [pid 807] symlink("/dev/binderfs", "./binderfs") = 0 [pid 807] write(1, "executing program\n", 18executing program ) = 18 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 807] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 807] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 807] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 807] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 807] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[37]}, 88) = 37 [pid 807] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 807] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 799] <... write resumed>) = 20699119 [pid 799] munmap(0x7fc71771c000, 138412032./strace-static-x86_64: Process 808 attached ) = 0 [pid 808] set_robust_list(0x7fc71fb3c9a0, 24 [pid 799] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 808] <... set_robust_list resumed>) = 0 [pid 808] rt_sigprocmask(SIG_SETMASK, [], [pid 799] <... openat resumed>) = 4 [pid 808] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 799] ioctl(4, LOOP_SET_FD, 3 [pid 808] memfd_create("syzkaller", 0) = 3 [pid 808] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 799] <... ioctl resumed>) = 0 [pid 799] close(3) = 0 [pid 799] close(4) = 0 [pid 799] mkdir("./file4", 0777) = 0 [ 43.378897][ T799] loop2: detected capacity change from 0 to 40427 [ 43.413645][ T799] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 799] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 804] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 43.431541][ T799] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 43.460751][ T799] F2FS-fs (loop2): fault_injection options not supported [pid 806] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 801] <... write resumed>) = 20699119 [ 43.489524][ T799] F2FS-fs (loop2): fault_type options not supported [ 43.508388][ T799] F2FS-fs (loop2): invalid crc value [pid 801] munmap(0x7fc71771c000, 138412032) = 0 [pid 801] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 801] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 801] close(3) = 0 [pid 801] close(4) = 0 [pid 801] mkdir("./file4", 0777) = 0 [ 43.534528][ T799] F2FS-fs (loop2): Found nat_bits in checkpoint [ 43.551137][ T801] loop0: detected capacity change from 0 to 40427 [pid 801] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 804] <... write resumed>) = 20699119 [pid 804] munmap(0x7fc71771c000, 138412032) = 0 [ 43.583325][ T801] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 43.596607][ T801] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 43.622785][ T801] F2FS-fs (loop0): fault_injection options not supported [pid 804] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 808] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 804] <... openat resumed>) = 4 [pid 804] ioctl(4, LOOP_SET_FD, 3 [pid 806] <... write resumed>) = 20699119 [pid 806] munmap(0x7fc71771c000, 138412032) = 0 [pid 806] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 806] ioctl(4, LOOP_SET_FD, 3 [pid 799] <... mount resumed>) = 0 [pid 799] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 804] <... ioctl resumed>) = 0 [pid 804] close(3) = 0 [pid 804] close(4) = 0 [pid 804] mkdir("./file4", 0777) = 0 [pid 804] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 799] chdir("./file4") = 0 [pid 799] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 799] ioctl(4, LOOP_CLR_FD) = 0 [pid 806] <... ioctl resumed>) = 0 [pid 799] close(4) = 0 [pid 799] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 799] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 798] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 799] fspick(AT_FDCWD, ".", 0 [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] <... fspick resumed>) = 4 [pid 799] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 799] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 798] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 798] <... futex resumed>) = 0 [pid 799] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 806] close(3) = 0 [pid 806] close(4) = 0 [pid 806] mkdir("./file4", 0777) = 0 [ 43.635221][ T801] F2FS-fs (loop0): fault_type options not supported [ 43.644131][ T804] loop4: detected capacity change from 0 to 40427 [ 43.651282][ T799] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 43.656814][ T806] loop1: detected capacity change from 0 to 40427 [ 43.658689][ T799] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 43.674665][ T801] F2FS-fs (loop0): invalid crc value [ 43.679371][ T804] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 806] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 799] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 799] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 798] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 43.692638][ T799] F2FS-fs (loop2): switch discard_unit option is not allowed [ 43.694100][ T806] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 43.708803][ T804] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 43.717381][ T806] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 43.729739][ T801] F2FS-fs (loop0): Found nat_bits in checkpoint [ 43.729797][ T804] F2FS-fs (loop4): fault_injection options not supported [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 799] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 799] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 798] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 799] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 798] <... futex resumed>) = 0 [pid 799] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 798] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 799] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 799] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 798] <... futex resumed>) = 0 [pid 799] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 798] close(3) = 0 [pid 798] close(4) = 0 [pid 798] close(5) = 0 [pid 798] close(6) = -1 EBADF (Bad file descriptor) [pid 798] close(7) = -1 EBADF (Bad file descriptor) [pid 798] close(8) = -1 EBADF (Bad file descriptor) [pid 798] close(9) = -1 EBADF (Bad file descriptor) [pid 798] close(10) = -1 EBADF (Bad file descriptor) [pid 798] close(11) = -1 EBADF (Bad file descriptor) [pid 798] close(12) = -1 EBADF (Bad file descriptor) [pid 798] close(13) = -1 EBADF (Bad file descriptor) [pid 798] close(14) = -1 EBADF (Bad file descriptor) [pid 798] close(15) = -1 EBADF (Bad file descriptor) [pid 798] close(16) = -1 EBADF (Bad file descriptor) [pid 798] close(17) = -1 EBADF (Bad file descriptor) [pid 798] close(18) = -1 EBADF (Bad file descriptor) [pid 798] close(19) = -1 EBADF (Bad file descriptor) [pid 798] close(20) = -1 EBADF (Bad file descriptor) [pid 798] close(21) = -1 EBADF (Bad file descriptor) [pid 798] close(22) = -1 EBADF (Bad file descriptor) [pid 798] close(23) = -1 EBADF (Bad file descriptor) [pid 798] close(24) = -1 EBADF (Bad file descriptor) [pid 798] close(25) = -1 EBADF (Bad file descriptor) [pid 798] close(26) = -1 EBADF (Bad file descriptor) [pid 798] close(27) = -1 EBADF (Bad file descriptor) [pid 798] close(28) = -1 EBADF (Bad file descriptor) [pid 798] close(29) = -1 EBADF (Bad file descriptor) [pid 798] exit_group(0 [pid 799] <... futex resumed>) = ? [pid 798] <... exit_group resumed>) = ? [pid 799] +++ exited with 0 +++ [pid 798] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=4, si_stime=23} --- [ 43.763516][ T806] F2FS-fs (loop1): fault_injection options not supported [ 43.771394][ T806] F2FS-fs (loop1): fault_type options not supported [ 43.779423][ T804] F2FS-fs (loop4): fault_type options not supported [ 43.786466][ T806] F2FS-fs (loop1): invalid crc value [ 43.793676][ T804] F2FS-fs (loop4): invalid crc value [ 43.802363][ T801] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 293] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW [pid 808] <... write resumed>) = 20699119 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 808] munmap(0x7fc71771c000, 138412032 [pid 293] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 801] <... mount resumed>) = 0 [pid 293] <... openat resumed>) = 3 [pid 808] <... munmap resumed>) = 0 [pid 293] newfstatat(3, "", [pid 801] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 808] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 808] ioctl(4, LOOP_SET_FD, 3 [pid 801] <... openat resumed>) = 3 [pid 293] getdents64(3, [pid 801] chdir("./file4" [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 801] <... chdir resumed>) = 0 [pid 801] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 293] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 801] <... openat resumed>) = 4 [pid 808] <... ioctl resumed>) = 0 [pid 801] ioctl(4, LOOP_CLR_FD) = 0 [pid 801] close(4) = 0 [pid 808] close(3) = 0 [pid 808] close(4) = 0 [pid 808] mkdir("./file4", 0777) = 0 [pid 808] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 801] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 801] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 800] <... futex resumed>) = 0 [pid 800] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 801] <... futex resumed>) = 0 [pid 800] <... futex resumed>) = 1 [pid 801] fspick(AT_FDCWD, ".", 0 [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 801] <... fspick resumed>) = 4 [pid 801] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 800] <... futex resumed>) = 0 [pid 801] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 800] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 801] <... futex resumed>) = 0 [pid 800] <... futex resumed>) = 1 [pid 801] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 43.810131][ T801] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 43.820683][ T806] F2FS-fs (loop1): Found nat_bits in checkpoint [ 43.821468][ T808] loop3: detected capacity change from 0 to 40427 [ 43.836284][ T804] F2FS-fs (loop4): Found nat_bits in checkpoint [ 43.853376][ T801] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 801] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 801] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 800] <... futex resumed>) = 0 [pid 801] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 800] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 801] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 800] <... futex resumed>) = 0 [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 801] <... open resumed>) = 5 [pid 801] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 800] <... futex resumed>) = 0 [pid 801] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 800] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 801] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 800] <... futex resumed>) = 0 [pid 801] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 800] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 801] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 801] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 800] <... futex resumed>) = 0 [pid 801] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 800] close(3) = 0 [pid 800] close(4) = 0 [pid 800] close(5) = 0 [pid 800] close(6) = -1 EBADF (Bad file descriptor) [pid 800] close(7) = -1 EBADF (Bad file descriptor) [pid 800] close(8) = -1 EBADF (Bad file descriptor) [pid 800] close(9) = -1 EBADF (Bad file descriptor) [pid 800] close(10) = -1 EBADF (Bad file descriptor) [pid 800] close(11) = -1 EBADF (Bad file descriptor) [pid 800] close(12) = -1 EBADF (Bad file descriptor) [pid 800] close(13) = -1 EBADF (Bad file descriptor) [pid 800] close(14) = -1 EBADF (Bad file descriptor) [pid 800] close(15) = -1 EBADF (Bad file descriptor) [pid 800] close(16) = -1 EBADF (Bad file descriptor) [pid 800] close(17) = -1 EBADF (Bad file descriptor) [pid 800] close(18) = -1 EBADF (Bad file descriptor) [pid 800] close(19) = -1 EBADF (Bad file descriptor) [pid 800] close(20) = -1 EBADF (Bad file descriptor) [pid 800] close(21) = -1 EBADF (Bad file descriptor) [pid 800] close(22) = -1 EBADF (Bad file descriptor) [pid 800] close(23) = -1 EBADF (Bad file descriptor) [pid 800] close(24) = -1 EBADF (Bad file descriptor) [pid 800] close(25) = -1 EBADF (Bad file descriptor) [pid 800] close(26) = -1 EBADF (Bad file descriptor) [pid 800] close(27) = -1 EBADF (Bad file descriptor) [pid 800] close(28) = -1 EBADF (Bad file descriptor) [pid 800] close(29) = -1 EBADF (Bad file descriptor) [pid 800] exit_group(0 [pid 801] <... futex resumed>) = ? [pid 800] <... exit_group resumed>) = ? [pid 801] +++ exited with 0 +++ [pid 800] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=35, si_uid=0, si_status=0, si_utime=9, si_stime=17} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 43.856395][ T808] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 294] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 806] <... mount resumed>) = 0 [pid 806] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 806] chdir("./file4") = 0 [pid 806] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 806] ioctl(4, LOOP_CLR_FD) = 0 [pid 806] close(4) = 0 [pid 806] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 805] <... futex resumed>) = 0 [pid 806] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 805] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 806] <... futex resumed>) = 0 [pid 805] <... futex resumed>) = 1 [pid 806] fspick(AT_FDCWD, ".", 0) = 4 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 806] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 805] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 806] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 43.899700][ T806] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 43.920430][ T806] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 43.922690][ T808] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 805] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 806] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 806] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 805] <... futex resumed>) = 0 [pid 806] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 805] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 806] <... futex resumed>) = 0 [pid 805] <... futex resumed>) = 1 [pid 806] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 806] <... open resumed>) = 5 [pid 806] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 805] <... futex resumed>) = 0 [pid 806] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 805] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 806] <... futex resumed>) = 0 [pid 805] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 806] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 806] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 805] <... futex resumed>) = 0 [pid 806] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 805] close(3) = 0 [pid 805] close(4) = 0 [pid 805] close(5) = 0 [pid 805] close(6) = -1 EBADF (Bad file descriptor) [pid 805] close(7) = -1 EBADF (Bad file descriptor) [pid 805] close(8) = -1 EBADF (Bad file descriptor) [pid 805] close(9) = -1 EBADF (Bad file descriptor) [pid 805] close(10) = -1 EBADF (Bad file descriptor) [pid 805] close(11) = -1 EBADF (Bad file descriptor) [pid 805] close(12) = -1 EBADF (Bad file descriptor) [pid 805] close(13) = -1 EBADF (Bad file descriptor) [pid 805] close(14) = -1 EBADF (Bad file descriptor) [pid 805] close(15) = -1 EBADF (Bad file descriptor) [pid 805] close(16) = -1 EBADF (Bad file descriptor) [pid 805] close(17) = -1 EBADF (Bad file descriptor) [pid 805] close(18) = -1 EBADF (Bad file descriptor) [pid 805] close(19) = -1 EBADF (Bad file descriptor) [pid 805] close(20) = -1 EBADF (Bad file descriptor) [pid 805] close(21) = -1 EBADF (Bad file descriptor) [pid 805] close(22) = -1 EBADF (Bad file descriptor) [pid 805] close(23) = -1 EBADF (Bad file descriptor) [pid 805] close(24) = -1 EBADF (Bad file descriptor) [pid 805] close(25) = -1 EBADF (Bad file descriptor) [pid 805] close(26) = -1 EBADF (Bad file descriptor) [pid 805] close(27) = -1 EBADF (Bad file descriptor) [pid 805] close(28) = -1 EBADF (Bad file descriptor) [pid 805] close(29) = -1 EBADF (Bad file descriptor) [pid 805] exit_group(0) = ? [pid 806] <... futex resumed>) = ? [pid 806] +++ exited with 0 +++ [pid 805] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=10, si_stime=15} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 43.951890][ T806] F2FS-fs (loop1): switch discard_unit option is not allowed [ 43.988373][ T808] F2FS-fs (loop3): fault_injection options not supported [pid 297] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 804] <... mount resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 804] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] newfstatat(AT_FDCWD, "./16/file4", [pid 804] <... openat resumed>) = 3 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 804] chdir("./file4" [pid 293] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 804] <... chdir resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 804] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 293] openat(AT_FDCWD, "./16/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 804] <... openat resumed>) = 4 [pid 293] newfstatat(4, "", [pid 804] ioctl(4, LOOP_CLR_FD [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 804] <... ioctl resumed>) = 0 [pid 293] getdents64(4, [pid 804] close(4 [pid 293] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 804] <... close resumed>) = 0 [pid 293] getdents64(4, [pid 804] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 804] <... futex resumed>) = 1 [pid 293] close(4 [pid 804] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] <... close resumed>) = 0 [pid 803] <... futex resumed>) = 0 [pid 293] rmdir("./16/file4" [pid 803] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... rmdir resumed>) = 0 [pid 804] <... futex resumed>) = 0 [pid 803] <... futex resumed>) = 1 [pid 293] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 804] fspick(AT_FDCWD, ".", 0) = 4 [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 804] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] newfstatat(AT_FDCWD, "./16/binderfs", [pid 804] <... futex resumed>) = 0 [pid 804] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 803] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 803] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] unlink("./16/binderfs" [pid 804] <... futex resumed>) = 0 [pid 803] <... futex resumed>) = 1 [pid 293] <... unlink resumed>) = 0 [pid 804] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 43.998381][ T808] F2FS-fs (loop3): fault_type options not supported [ 44.019143][ T804] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 44.028279][ T804] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 44.036031][ T808] F2FS-fs (loop3): invalid crc value [pid 293] getdents64(3, [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 293] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./16") = 0 [pid 293] mkdir("./17", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 36 [pid 804] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 804] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 803] <... futex resumed>) = 0 [pid 803] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 827 attached [pid 804] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 827] set_robust_list(0x5555875796a0, 24 [pid 804] <... open resumed>) = 5 [pid 827] <... set_robust_list resumed>) = 0 [pid 804] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 827] chdir("./17" [pid 804] <... futex resumed>) = 1 [pid 803] <... futex resumed>) = 0 [pid 827] <... chdir resumed>) = 0 [pid 804] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 804] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 803] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 827] <... prctl resumed>) = 0 [pid 804] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 827] setpgid(0, 0 [pid 803] <... futex resumed>) = 0 [pid 827] <... setpgid resumed>) = 0 [pid 804] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 803] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 804] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 827] <... openat resumed>) = 3 [pid 804] <... futex resumed>) = 1 [pid 803] <... futex resumed>) = 0 [pid 827] write(3, "1000", 4 [pid 804] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] <... write resumed>) = 4 [pid 803] close(3 [pid 827] close(3) = 0 [pid 803] <... close resumed>) = 0 [pid 827] symlink("/dev/binderfs", "./binderfs" [pid 803] close(4executing program [pid 827] <... symlink resumed>) = 0 [pid 803] <... close resumed>) = 0 [pid 827] write(1, "executing program\n", 18) = 18 [pid 803] close(5 [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 803] <... close resumed>) = 0 [pid 827] <... futex resumed>) = 0 [pid 803] close(6 [pid 827] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] <... rt_sigaction resumed>NULL, 8) = 0 [pid 827] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 803] close(7 [pid 827] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 827] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] <... mmap resumed>) = 0x7fc71fb1c000 [pid 803] close(8 [pid 827] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 803] close(9 [pid 827] rt_sigprocmask(SIG_BLOCK, ~[], [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] <... rt_sigprocmask resumed>[], 8) = 0 [pid 803] close(10 [pid 827] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 803] close(11) = -1 EBADF (Bad file descriptor) [pid 803] close(12 [pid 827] <... clone3 resumed> => {parent_tid=[37]}, 88) = 37 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] rt_sigprocmask(SIG_SETMASK, [], [pid 803] close(13 [pid 827] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 803] close(14 [pid 827] <... futex resumed>) = 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 803] close(15) = -1 EBADF (Bad file descriptor) [pid 803] close(16) = -1 EBADF (Bad file descriptor) [pid 803] close(17) = -1 EBADF (Bad file descriptor) [pid 803] close(18) = -1 EBADF (Bad file descriptor) [pid 803] close(19) = -1 EBADF (Bad file descriptor) [pid 803] close(20) = -1 EBADF (Bad file descriptor) [pid 803] close(21./strace-static-x86_64: Process 829 attached ) = -1 EBADF (Bad file descriptor) [pid 294] <... umount2 resumed>) = 0 [pid 803] close(22 [pid 829] set_robust_list(0x7fc71fb3c9a0, 24 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 803] close(23) = -1 EBADF (Bad file descriptor) [pid 829] <... set_robust_list resumed>) = 0 [pid 803] close(24 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] newfstatat(AT_FDCWD, "./16/file4", [pid 829] rt_sigprocmask(SIG_SETMASK, [], [pid 803] close(25 [pid 829] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 803] close(26 [pid 829] memfd_create("syzkaller", 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 829] <... memfd_create resumed>) = 3 [pid 803] close(27 [pid 829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 829] <... mmap resumed>) = 0x7fc71771c000 [pid 803] close(28 [pid 294] openat(AT_FDCWD, "./16/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 803] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 803] close(29) = -1 EBADF (Bad file descriptor) [pid 803] exit_group(0) = ? [pid 804] <... futex resumed>) = ? [pid 294] <... openat resumed>) = 4 [pid 804] +++ exited with 0 +++ [pid 803] +++ exited with 0 +++ [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=34, si_uid=0, si_status=0, si_utime=6, si_stime=23} --- [pid 294] getdents64(4, [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./16/file4") = 0 [pid 294] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./16/binderfs" [pid 299] <... restart_syscall resumed>) = 0 [pid 294] <... unlink resumed>) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] close(3 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... close resumed>) = 0 [pid 294] rmdir("./16" [pid 299] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] <... rmdir resumed>) = 0 [pid 299] <... openat resumed>) = 3 [pid 294] mkdir("./17", 0777 [pid 299] newfstatat(3, "", [pid 294] <... mkdir resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 299] getdents64(3, [pid 294] <... openat resumed>) = 3 [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] ioctl(3, LOOP_CLR_FD [pid 299] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 37 ./strace-static-x86_64: Process 830 attached [pid 830] set_robust_list(0x5555875796a0, 24) = 0 [pid 830] chdir("./17") = 0 [pid 830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 830] setpgid(0, 0) = 0 [pid 830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 830] write(3, "1000", 4) = 4 [pid 830] close(3) = 0 [pid 830] symlink("/dev/binderfs", "./binderfs") = 0 [pid 830] write(1, "executing program\n", 18executing program ) = 18 [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 830] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 830] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 830] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 830] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 830] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[38]}, 88) = 38 [pid 830] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 830] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 44.062758][ T804] F2FS-fs (loop4): switch discard_unit option is not allowed [ 44.096363][ T808] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 831 attached [pid 831] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 831] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 831] memfd_create("syzkaller", 0) = 3 [pid 831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./17/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./17/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./17/file4") = 0 [pid 297] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./17/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./17") = 0 [pid 297] mkdir("./18", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3 [pid 808] <... mount resumed>) = 0 [pid 297] <... close resumed>) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 808] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 808] chdir("./file4") = 0 [pid 808] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 808] ioctl(4, LOOP_CLR_FD) = 0 [pid 808] close(4) = 0 [pid 808] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 807] <... futex resumed>) = 0 [pid 807] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 808] <... futex resumed>) = 1 [pid 808] fspick(AT_FDCWD, ".", 0) = 4 [pid 808] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 807] <... futex resumed>) = 0 [pid 807] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 808] <... futex resumed>) = 1 [pid 808] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 297] <... clone resumed>, child_tidptr=0x555587579690) = 38 [ 44.208009][ T808] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 44.219523][ T808] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 808] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 833 attached [pid 833] set_robust_list(0x5555875796a0, 24) = 0 [pid 833] chdir("./18") = 0 [pid 833] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 833] setpgid(0, 0) = 0 [pid 833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 833] write(3, "1000", 4) = 4 [pid 833] close(3) = 0 [pid 833] symlink("/dev/binderfs", "./binderfs") = 0 [pid 833] write(1, "executing program\n", 18executing program ) = 18 [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 833] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 833] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 833] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 833] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 833] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 833] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[39]}, 88) = 39 [pid 833] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 833] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 808] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 807] <... futex resumed>) = 0 [pid 807] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 808] <... futex resumed>) = 1 [pid 808] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 808] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 807] <... futex resumed>) = 0 [pid 807] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 807] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 808] <... futex resumed>) = 1 [pid 808] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 834 attached [pid 808] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 807] <... futex resumed>) = 0 [pid 807] close(3) = 0 [pid 807] close(4) = 0 [pid 807] close(5) = 0 [pid 807] close(6) = -1 EBADF (Bad file descriptor) [pid 807] close(7) = -1 EBADF (Bad file descriptor) [pid 807] close(8) = -1 EBADF (Bad file descriptor) [pid 807] close(9) = -1 EBADF (Bad file descriptor) [pid 807] close(10) = -1 EBADF (Bad file descriptor) [pid 807] close(11) = -1 EBADF (Bad file descriptor) [pid 807] close(12) = -1 EBADF (Bad file descriptor) [pid 807] close(13) = -1 EBADF (Bad file descriptor) [pid 807] close(14) = -1 EBADF (Bad file descriptor) [pid 807] close(15) = -1 EBADF (Bad file descriptor) [pid 807] close(16) = -1 EBADF (Bad file descriptor) [pid 807] close(17) = -1 EBADF (Bad file descriptor) [pid 807] close(18) = -1 EBADF (Bad file descriptor) [pid 807] close(19) = -1 EBADF (Bad file descriptor) [pid 807] close(20) = -1 EBADF (Bad file descriptor) [pid 807] close(21) = -1 EBADF (Bad file descriptor) [pid 807] close(22) = -1 EBADF (Bad file descriptor) [pid 807] close(23) = -1 EBADF (Bad file descriptor) [pid 807] close(24) = -1 EBADF (Bad file descriptor) [pid 807] close(25) = -1 EBADF (Bad file descriptor) [pid 807] close(26) = -1 EBADF (Bad file descriptor) [pid 807] close(27) = -1 EBADF (Bad file descriptor) [pid 807] close(28) = -1 EBADF (Bad file descriptor) [pid 807] close(29) = -1 EBADF (Bad file descriptor) [pid 807] exit_group(0) = ? [pid 808] <... futex resumed>) = ? [pid 808] +++ exited with 0 +++ [pid 807] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=9, si_stime=19} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 834] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 834] rt_sigprocmask(SIG_SETMASK, [], [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 834] memfd_create("syzkaller", 0 [pid 829] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 834] <... memfd_create resumed>) = 3 [pid 834] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 44.260597][ T808] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./16/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./16/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./16/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./16/file4") = 0 [pid 299] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./16/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./16") = 0 [pid 299] mkdir("./17", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 36 ./strace-static-x86_64: Process 835 attached [pid 835] set_robust_list(0x5555875796a0, 24) = 0 [pid 835] chdir("./17") = 0 [pid 835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 835] setpgid(0, 0) = 0 [pid 835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 835] write(3, "1000", 4) = 4 [pid 835] close(3) = 0 [pid 835] symlink("/dev/binderfs", "./binderfs") = 0 [pid 835] write(1, "executing program\n", 18executing program ) = 18 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 835] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 835] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 835] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 835] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 835] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 835] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[37]}, 88) = 37 [pid 835] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 835] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 836 attached [pid 836] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 836] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 836] memfd_create("syzkaller", 0) = 3 [pid 836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 831] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 829] <... write resumed>) = 20699119 [pid 829] munmap(0x7fc71771c000, 138412032) = 0 [pid 829] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 829] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 829] close(3) = 0 [pid 829] close(4) = 0 [pid 829] mkdir("./file4", 0777) = 0 [pid 829] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... umount2 resumed>) = 0 [ 44.500976][ T829] loop2: detected capacity change from 0 to 40427 [ 44.528097][ T829] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 298] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./17/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./17/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./17/file4") = 0 [pid 298] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./17/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./17") = 0 [pid 298] mkdir("./18", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 38 ./strace-static-x86_64: Process 837 attached [pid 837] set_robust_list(0x5555875796a0, 24) = 0 [pid 837] chdir("./18") = 0 [pid 837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 837] setpgid(0, 0) = 0 [pid 837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 837] write(3, "1000", 4) = 4 [pid 837] close(3) = 0 executing program [pid 837] symlink("/dev/binderfs", "./binderfs") = 0 [pid 837] write(1, "executing program\n", 18) = 18 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 837] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 837] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[39]}, 88) = 39 [pid 837] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 838 attached [pid 837] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 838] set_robust_list(0x7fc71fb3c9a0, 24 [pid 831] <... write resumed>) = 20699119 [pid 831] munmap(0x7fc71771c000, 138412032) = 0 [pid 831] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 838] <... set_robust_list resumed>) = 0 [pid 838] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 838] memfd_create("syzkaller", 0 [pid 831] <... openat resumed>) = 4 [pid 838] <... memfd_create resumed>) = 3 [pid 838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 44.545561][ T829] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 44.567733][ T829] F2FS-fs (loop2): fault_injection options not supported [ 44.579415][ T829] F2FS-fs (loop2): fault_type options not supported [pid 831] ioctl(4, LOOP_SET_FD, 3 [pid 836] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 831] <... ioctl resumed>) = 0 [pid 831] close(3) = 0 [pid 831] close(4) = 0 [pid 831] mkdir("./file4", 0777) = 0 [ 44.596373][ T831] loop0: detected capacity change from 0 to 40427 [ 44.614636][ T831] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 44.619660][ T829] F2FS-fs (loop2): invalid crc value [ 44.635162][ T831] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 44.653206][ T829] F2FS-fs (loop2): Found nat_bits in checkpoint [ 44.659867][ T831] F2FS-fs (loop0): fault_injection options not supported [ 44.688236][ T831] F2FS-fs (loop0): fault_type options not supported [pid 831] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 829] <... mount resumed>) = 0 [pid 829] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 829] chdir("./file4") = 0 [pid 829] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 829] ioctl(4, LOOP_CLR_FD) = 0 [pid 829] close(4) = 0 [pid 836] <... write resumed>) = 20699119 [pid 829] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 827] <... futex resumed>) = 0 [pid 827] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 829] fspick(AT_FDCWD, ".", 0 [pid 827] <... futex resumed>) = 0 [pid 829] <... fspick resumed>) = 4 [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 829] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 827] <... futex resumed>) = 0 [pid 829] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 829] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 827] <... futex resumed>) = 0 [pid 829] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 44.710380][ T831] F2FS-fs (loop0): invalid crc value [ 44.719491][ T829] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 44.737558][ T829] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 44.752195][ T831] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 834] <... write resumed>) = 20699119 [pid 836] munmap(0x7fc71771c000, 138412032) = 0 [pid 836] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 836] ioctl(4, LOOP_SET_FD, 3 [pid 834] munmap(0x7fc71771c000, 138412032) = 0 [pid 834] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 829] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 834] <... openat resumed>) = 4 [pid 834] ioctl(4, LOOP_SET_FD, 3 [pid 838] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 829] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 827] <... futex resumed>) = 0 [pid 829] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 829] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 827] <... futex resumed>) = 0 [pid 829] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 836] <... ioctl resumed>) = 0 [pid 829] <... open resumed>) = 5 [pid 836] close(3) = 0 [pid 829] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 827] <... futex resumed>) = 0 [pid 829] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 829] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 827] <... futex resumed>) = 0 [pid 829] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 827] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 829] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 829] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 836] close(4 [pid 829] <... futex resumed>) = 1 [pid 836] <... close resumed>) = 0 [pid 836] mkdir("./file4", 0777 [pid 827] <... futex resumed>) = 0 [pid 836] <... mkdir resumed>) = 0 [pid 836] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 827] close(3 [pid 834] <... ioctl resumed>) = 0 [pid 834] close(3) = 0 [pid 834] close(4) = 0 [pid 834] mkdir("./file4", 0777) = 0 [pid 834] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 829] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 827] <... close resumed>) = 0 [pid 827] close(4) = 0 [pid 827] close(5) = 0 [ 44.768320][ T829] F2FS-fs (loop2): switch discard_unit option is not allowed [ 44.781658][ T836] loop4: detected capacity change from 0 to 40427 [ 44.790995][ T834] loop1: detected capacity change from 0 to 40427 [ 44.807359][ T836] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 827] close(6) = -1 EBADF (Bad file descriptor) [pid 827] close(7) = -1 EBADF (Bad file descriptor) [pid 827] close(8) = -1 EBADF (Bad file descriptor) [pid 827] close(9) = -1 EBADF (Bad file descriptor) [pid 827] close(10) = -1 EBADF (Bad file descriptor) [pid 827] close(11) = -1 EBADF (Bad file descriptor) [pid 827] close(12) = -1 EBADF (Bad file descriptor) [pid 827] close(13) = -1 EBADF (Bad file descriptor) [pid 827] close(14) = -1 EBADF (Bad file descriptor) [pid 827] close(15) = -1 EBADF (Bad file descriptor) [pid 827] close(16) = -1 EBADF (Bad file descriptor) [pid 827] close(17) = -1 EBADF (Bad file descriptor) [pid 827] close(18) = -1 EBADF (Bad file descriptor) [pid 827] close(19) = -1 EBADF (Bad file descriptor) [pid 827] close(20) = -1 EBADF (Bad file descriptor) [pid 827] close(21) = -1 EBADF (Bad file descriptor) [pid 827] close(22) = -1 EBADF (Bad file descriptor) [pid 827] close(23) = -1 EBADF (Bad file descriptor) [pid 827] close(24) = -1 EBADF (Bad file descriptor) [pid 827] close(25) = -1 EBADF (Bad file descriptor) [pid 827] close(26) = -1 EBADF (Bad file descriptor) [pid 827] close(27) = -1 EBADF (Bad file descriptor) [pid 827] close(28) = -1 EBADF (Bad file descriptor) [pid 827] close(29) = -1 EBADF (Bad file descriptor) [pid 827] exit_group(0 [pid 829] <... futex resumed>) = ? [pid 827] <... exit_group resumed>) = ? [pid 829] +++ exited with 0 +++ [pid 827] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=9, si_stime=20} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 44.816512][ T834] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 44.838395][ T836] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 44.848437][ T834] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 44.864188][ T836] F2FS-fs (loop4): fault_injection options not supported [ 44.874284][ T834] F2FS-fs (loop1): fault_injection options not supported [pid 293] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 831] <... mount resumed>) = 0 [pid 831] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 831] chdir("./file4") = 0 [pid 831] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 831] ioctl(4, LOOP_CLR_FD) = 0 [pid 831] close(4) = 0 [pid 831] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 831] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 830] <... futex resumed>) = 0 [pid 830] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... futex resumed>) = 0 [pid 831] fspick(AT_FDCWD, ".", 0) = 4 [pid 831] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 830] <... futex resumed>) = 0 [pid 831] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 830] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 830] <... futex resumed>) = 0 [ 44.883304][ T836] F2FS-fs (loop4): fault_type options not supported [ 44.890566][ T831] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 44.898116][ T834] F2FS-fs (loop1): fault_type options not supported [ 44.904905][ T831] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 44.914032][ T836] F2FS-fs (loop4): invalid crc value [ 44.920925][ T834] F2FS-fs (loop1): invalid crc value [pid 831] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 831] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 830] <... futex resumed>) = 0 [pid 830] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 831] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 831] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 831] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 830] <... futex resumed>) = 0 [pid 830] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 831] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 831] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 831] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 831] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 830] <... futex resumed>) = 1 [pid 830] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 830] close(3) = 0 [pid 830] close(4) = 0 [pid 830] close(5) = 0 [pid 830] close(6) = -1 EBADF (Bad file descriptor) [pid 830] close(7) = -1 EBADF (Bad file descriptor) [pid 830] close(8) = -1 EBADF (Bad file descriptor) [pid 830] close(9) = -1 EBADF (Bad file descriptor) [pid 830] close(10) = -1 EBADF (Bad file descriptor) [pid 830] close(11) = -1 EBADF (Bad file descriptor) [pid 830] close(12) = -1 EBADF (Bad file descriptor) [pid 830] close(13) = -1 EBADF (Bad file descriptor) [pid 830] close(14) = -1 EBADF (Bad file descriptor) [pid 830] close(15) = -1 EBADF (Bad file descriptor) [pid 830] close(16) = -1 EBADF (Bad file descriptor) [pid 830] close(17) = -1 EBADF (Bad file descriptor) [pid 830] close(18) = -1 EBADF (Bad file descriptor) [pid 830] close(19) = -1 EBADF (Bad file descriptor) [pid 830] close(20) = -1 EBADF (Bad file descriptor) [pid 830] close(21) = -1 EBADF (Bad file descriptor) [pid 830] close(22) = -1 EBADF (Bad file descriptor) [pid 830] close(23) = -1 EBADF (Bad file descriptor) [pid 830] close(24) = -1 EBADF (Bad file descriptor) [pid 830] close(25 [pid 831] <... futex resumed>) = 0 [pid 830] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 831] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 830] close(26) = -1 EBADF (Bad file descriptor) [pid 830] close(27) = -1 EBADF (Bad file descriptor) [pid 830] close(28) = -1 EBADF (Bad file descriptor) [pid 830] close(29) = -1 EBADF (Bad file descriptor) [pid 830] exit_group(0) = ? [pid 831] <... futex resumed>) = ? [pid 831] +++ exited with 0 +++ [pid 830] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=37, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 44.937456][ T831] F2FS-fs (loop0): switch discard_unit option is not allowed [ 44.952146][ T836] F2FS-fs (loop4): Found nat_bits in checkpoint [ 44.965315][ T834] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 294] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 838] <... write resumed>) = 20699119 [pid 838] munmap(0x7fc71771c000, 138412032 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./17/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./17/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./17/file4") = 0 [pid 293] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./17/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./17") = 0 [pid 293] mkdir("./18", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 838] <... munmap resumed>) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 838] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 838] ioctl(4, LOOP_SET_FD, 3 [pid 293] <... clone resumed>, child_tidptr=0x555587579690) = 38 ./strace-static-x86_64: Process 854 attached [pid 854] set_robust_list(0x5555875796a0, 24) = 0 [pid 854] chdir("./18") = 0 [pid 854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 854] setpgid(0, 0) = 0 [pid 854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 854] write(3, "1000", 4) = 4 [pid 854] close(3) = 0 [pid 854] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 854] write(1, "executing program\n", 18) = 18 [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 854] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 854] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 854] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 854] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 854] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 838] <... ioctl resumed>) = 0 [pid 836] <... mount resumed>) = 0 [pid 294] <... umount2 resumed>) = 0 [pid 854] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 838] close(3 [pid 294] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 838] <... close resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 854] <... clone3 resumed> => {parent_tid=[39]}, 88) = 39 [pid 838] close(4 [pid 294] newfstatat(AT_FDCWD, "./17/file4", [pid 854] rt_sigprocmask(SIG_SETMASK, [], [pid 838] <... close resumed>) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 838] mkdir("./file4", 0777 [pid 294] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 854] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 838] <... mkdir resumed>) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 45.085173][ T836] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 45.098498][ T838] loop3: detected capacity change from 0 to 40427 [ 45.107303][ T836] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 45.115383][ T834] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 45.122101][ T838] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 854] <... futex resumed>) = 0 [pid 838] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] openat(AT_FDCWD, "./17/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 294] <... openat resumed>) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./17/file4") = 0 [pid 294] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./17/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./17") = 0 [pid 294] mkdir("./18", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3./strace-static-x86_64: Process 856 attached ) = 0 [pid 856] set_robust_list(0x7fc71fb3c9a0, 24 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 856] <... set_robust_list resumed>) = 0 [pid 856] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 39 [pid 856] memfd_create("syzkaller", 0 [pid 836] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 856] <... memfd_create resumed>) = 3 [pid 836] <... openat resumed>) = 3 [pid 856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 836] chdir("./file4") = 0 [ 45.124432][ T834] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 ./strace-static-x86_64: Process 857 attached [pid 836] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 857] set_robust_list(0x5555875796a0, 24 [pid 836] <... openat resumed>) = 4 [pid 857] <... set_robust_list resumed>) = 0 [pid 836] ioctl(4, LOOP_CLR_FD [pid 857] chdir("./18" [pid 836] <... ioctl resumed>) = 0 [pid 834] <... mount resumed>) = 0 [pid 857] <... chdir resumed>) = 0 [pid 836] close(4 [pid 834] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 857] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 836] <... close resumed>) = 0 [pid 857] <... prctl resumed>) = 0 [pid 836] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] <... openat resumed>) = 3 [pid 857] setpgid(0, 0 [pid 836] <... futex resumed>) = 1 [pid 835] <... futex resumed>) = 0 [pid 857] <... setpgid resumed>) = 0 [pid 834] chdir("./file4" [pid 836] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 835] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 835] <... futex resumed>) = 0 [pid 834] <... chdir resumed>) = 0 [pid 857] <... openat resumed>) = 3 [pid 836] fspick(AT_FDCWD, ".", 0 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 834] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 857] write(3, "1000", 4 [pid 836] <... fspick resumed>) = 4 [pid 834] <... openat resumed>) = 4 [pid 857] <... write resumed>) = 4 [pid 836] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] ioctl(4, LOOP_CLR_FD [pid 857] close(3 [pid 836] <... futex resumed>) = 1 [pid 835] <... futex resumed>) = 0 [pid 834] <... ioctl resumed>) = 0 [pid 857] <... close resumed>) = 0 [pid 836] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 835] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] close(4 [pid 857] symlink("/dev/binderfs", "./binderfs" [pid 836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 835] <... futex resumed>) = 0 [pid 834] <... close resumed>) = 0 [pid 857] <... symlink resumed>) = 0 [pid 836] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 834] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 857] write(1, "executing program\n", 18executing program ) = 18 [pid 834] <... futex resumed>) = 1 [pid 833] <... futex resumed>) = 0 [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 833] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 857] <... futex resumed>) = 0 [pid 834] fspick(AT_FDCWD, ".", 0 [pid 833] <... futex resumed>) = 0 [pid 857] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 834] <... fspick resumed>) = 4 [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 857] <... rt_sigaction resumed>NULL, 8) = 0 [pid 834] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 833] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 857] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 834] <... futex resumed>) = 0 [pid 833] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 834] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 833] <... futex resumed>) = 0 [pid 857] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 857] <... mmap resumed>) = 0x7fc71fb1c000 [pid 857] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 857] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 857] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[40]}, 88) = 40 [pid 857] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 857] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 45.160835][ T838] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 45.186528][ T836] F2FS-fs (loop4): switch discard_unit option is not allowed [ 45.198435][ T834] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 858 attached [pid 836] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 834] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 858] set_robust_list(0x7fc71fb3c9a0, 24 [pid 836] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 858] <... set_robust_list resumed>) = 0 [pid 836] <... futex resumed>) = 1 [pid 835] <... futex resumed>) = 0 [pid 834] <... futex resumed>) = 1 [pid 833] <... futex resumed>) = 0 [pid 858] rt_sigprocmask(SIG_SETMASK, [], [pid 836] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 835] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 833] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 858] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 836] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 835] <... futex resumed>) = 0 [pid 834] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 833] <... futex resumed>) = 0 [pid 858] memfd_create("syzkaller", 0 [pid 836] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 834] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 858] <... memfd_create resumed>) = 3 [pid 836] <... open resumed>) = 5 [pid 858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 834] <... open resumed>) = 5 [pid 836] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 858] <... mmap resumed>) = 0x7fc71771c000 [pid 836] <... futex resumed>) = 1 [pid 835] <... futex resumed>) = 0 [pid 834] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 835] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 836] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 835] <... futex resumed>) = 0 [pid 834] <... futex resumed>) = 1 [pid 833] <... futex resumed>) = 0 [pid 833] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 835] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 834] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 836] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 833] <... futex resumed>) = 0 [pid 836] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 834] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 833] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 836] <... futex resumed>) = 1 [pid 835] <... futex resumed>) = 0 [pid 834] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 833] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 836] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 835] close(3 [pid 834] <... futex resumed>) = 0 [pid 833] close(3 [pid 835] <... close resumed>) = 0 [pid 834] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 835] close(4 [pid 833] <... close resumed>) = 0 [pid 835] <... close resumed>) = 0 [pid 833] close(4 [pid 835] close(5 [pid 833] <... close resumed>) = 0 [pid 835] <... close resumed>) = 0 [pid 833] close(5 [pid 835] close(6 [pid 833] <... close resumed>) = 0 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] close(6 [pid 835] close(7) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(8 [pid 833] close(7 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(9 [pid 833] close(8 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(10 [pid 833] close(9 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(11 [pid 833] close(10 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(12 [pid 833] close(11 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(13 [pid 833] close(12 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(14 [pid 833] close(13 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(15 [pid 833] close(14 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(16 [pid 833] close(15 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(17 [pid 833] close(16 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(18 [pid 833] close(17 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(19 [pid 833] close(18 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(20 [pid 833] close(19 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(21 [pid 833] close(20 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(22 [pid 833] close(21 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(23 [pid 833] close(22 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(24 [pid 833] close(23 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(25 [pid 833] close(24 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(26 [pid 833] close(25 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(27 [pid 833] close(26 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(28 [pid 833] close(27 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] close(29 [pid 833] close(28 [pid 835] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 835] exit_group(0 [pid 833] close(29 [pid 836] <... futex resumed>) = ? [pid 835] <... exit_group resumed>) = ? [pid 833] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 836] +++ exited with 0 +++ [pid 835] +++ exited with 0 +++ [pid 833] exit_group(0) = ? [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=36, si_uid=0, si_status=0, si_utime=2, si_stime=18} --- [pid 834] <... futex resumed>) = ? [pid 834] +++ exited with 0 +++ [pid 833] +++ exited with 0 +++ [ 45.216673][ T838] F2FS-fs (loop3): fault_injection options not supported [ 45.244894][ T838] F2FS-fs (loop3): fault_type options not supported [pid 299] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=4, si_stime=24} --- [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 45.264976][ T838] F2FS-fs (loop3): invalid crc value [ 45.322775][ T838] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 297] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 856] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 838] <... mount resumed>) = 0 [pid 838] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 838] chdir("./file4") = 0 [pid 838] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 838] ioctl(4, LOOP_CLR_FD) = 0 [pid 838] close(4) = 0 [pid 838] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 838] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] <... futex resumed>) = 0 [pid 838] fspick(AT_FDCWD, ".", 0) = 4 [pid 838] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 45.446252][ T838] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 45.455933][ T838] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 838] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 838] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 858] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 838] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] <... futex resumed>) = 0 [pid 837] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 837] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 838] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 838] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 837] <... futex resumed>) = 0 [pid 837] close(3) = 0 [pid 837] close(4) = 0 [pid 837] close(5) = 0 [pid 837] close(6) = -1 EBADF (Bad file descriptor) [pid 837] close(7) = -1 EBADF (Bad file descriptor) [pid 837] close(8) = -1 EBADF (Bad file descriptor) [pid 837] close(9) = -1 EBADF (Bad file descriptor) [pid 837] close(10) = -1 EBADF (Bad file descriptor) [pid 837] close(11) = -1 EBADF (Bad file descriptor) [pid 837] close(12) = -1 EBADF (Bad file descriptor) [pid 837] close(13) = -1 EBADF (Bad file descriptor) [pid 837] close(14) = -1 EBADF (Bad file descriptor) [pid 837] close(15) = -1 EBADF (Bad file descriptor) [pid 837] close(16) = -1 EBADF (Bad file descriptor) [pid 837] close(17) = -1 EBADF (Bad file descriptor) [pid 837] close(18) = -1 EBADF (Bad file descriptor) [pid 837] close(19) = -1 EBADF (Bad file descriptor) [pid 837] close(20) = -1 EBADF (Bad file descriptor) [pid 837] close(21) = -1 EBADF (Bad file descriptor) [pid 837] close(22) = -1 EBADF (Bad file descriptor) [pid 837] close(23) = -1 EBADF (Bad file descriptor) [pid 837] close(24) = -1 EBADF (Bad file descriptor) [pid 837] close(25) = -1 EBADF (Bad file descriptor) [pid 837] close(26) = -1 EBADF (Bad file descriptor) [pid 837] close(27) = -1 EBADF (Bad file descriptor) [pid 837] close(28) = -1 EBADF (Bad file descriptor) [pid 837] close(29) = -1 EBADF (Bad file descriptor) [pid 837] exit_group(0) = ? [pid 838] +++ exited with 0 +++ [pid 837] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=4, si_stime=21} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = 0 [pid 297] <... umount2 resumed>) = 0 [pid 299] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./17/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./17/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./17/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", [pid 297] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./18/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./18/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./18/file4") = 0 [pid 297] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./18/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./18") = 0 [pid 297] mkdir("./19", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 45.488233][ T838] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 297] close(3) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./17/file4") = 0 [pid 299] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./17/binderfs", [pid 297] <... clone resumed>, child_tidptr=0x555587579690) = 40 [pid 299] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./17/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./17") = 0 [pid 299] mkdir("./18", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 38 ./strace-static-x86_64: Process 863 attached [pid 863] set_robust_list(0x5555875796a0, 24) = 0 [pid 863] chdir("./19") = 0 [pid 863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 863] setpgid(0, 0) = 0 [pid 863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 863] write(3, "1000", 4) = 4 [pid 863] close(3) = 0 [pid 863] symlink("/dev/binderfs", "./binderfs") = 0 [pid 863] write(1, "executing program\n", 18executing program ) = 18 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 863] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 863] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 863] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 863] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 ./strace-static-x86_64: Process 864 attached [pid 863] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 863] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[41]}, 88) = 41 [pid 863] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 863] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 864] set_robust_list(0x5555875796a0, 24) = 0 [pid 864] chdir("./18") = 0 [pid 864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 864] setpgid(0, 0) = 0 [pid 864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 864] write(3, "1000", 4) = 4 [pid 864] close(3) = 0 [pid 864] symlink("/dev/binderfs", "./binderfs") = 0 [pid 864] write(1, "executing program\n", 18executing program ) = 18 [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 864] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 864] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 864] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[39]}, 88) = 39 [pid 864] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 864] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 856] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 866 attached [pid 856] munmap(0x7fc71771c000, 138412032) = 0 [pid 866] set_robust_list(0x7fc71fb3c9a0, 24./strace-static-x86_64: Process 865 attached ) = 0 [pid 856] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 866] rt_sigprocmask(SIG_SETMASK, [], [pid 856] <... openat resumed>) = 4 [pid 866] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 856] ioctl(4, LOOP_SET_FD, 3 [pid 866] memfd_create("syzkaller", 0 [pid 865] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 865] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 865] memfd_create("syzkaller", 0) = 3 [pid 865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 866] <... memfd_create resumed>) = 3 [pid 866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 856] <... ioctl resumed>) = 0 [pid 856] close(3) = 0 [pid 856] close(4) = 0 [pid 856] mkdir("./file4", 0777) = 0 [ 45.591061][ T856] loop2: detected capacity change from 0 to 40427 [ 45.624811][ T856] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 856] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 858] <... write resumed>) = 20699119 [pid 858] munmap(0x7fc71771c000, 138412032) = 0 [pid 858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 45.640388][ T856] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 45.670254][ T856] F2FS-fs (loop2): fault_injection options not supported [ 45.677625][ T856] F2FS-fs (loop2): fault_type options not supported [pid 858] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 858] close(3) = 0 [pid 858] close(4) = 0 [pid 858] mkdir("./file4", 0777) = 0 [ 45.696692][ T858] loop0: detected capacity change from 0 to 40427 [ 45.709216][ T856] F2FS-fs (loop2): invalid crc value [ 45.716237][ T858] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 45.730368][ T858] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 858] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./18/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./18/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./18/file4") = 0 [pid 298] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./18/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./18") = 0 [pid 298] mkdir("./19", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 40 [pid 865] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 870 attached [pid 870] set_robust_list(0x5555875796a0, 24) = 0 [ 45.749021][ T858] F2FS-fs (loop0): fault_injection options not supported [ 45.757335][ T856] F2FS-fs (loop2): Found nat_bits in checkpoint [ 45.771985][ T858] F2FS-fs (loop0): fault_type options not supported [pid 870] chdir("./19") = 0 [pid 870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 870] setpgid(0, 0) = 0 [pid 870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 870] write(3, "1000", 4) = 4 [pid 870] close(3) = 0 [pid 870] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 870] write(1, "executing program\n", 18) = 18 [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 870] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 870] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 870] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 870] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[41]}, 88) = 41 [pid 870] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 870] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 872 attached [pid 872] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 872] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 872] memfd_create("syzkaller", 0) = 3 [pid 872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 45.802264][ T858] F2FS-fs (loop0): invalid crc value [pid 866] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 856] <... mount resumed>) = 0 [pid 856] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 856] chdir("./file4") = 0 [pid 856] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 856] ioctl(4, LOOP_CLR_FD) = 0 [pid 856] close(4) = 0 [pid 856] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 854] <... futex resumed>) = 0 [pid 854] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 856] fspick(AT_FDCWD, ".", 0) = 4 [pid 856] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 854] <... futex resumed>) = 0 [pid 856] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 854] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 856] <... futex resumed>) = 0 [pid 854] <... futex resumed>) = 1 [pid 856] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 45.825616][ T858] F2FS-fs (loop0): Found nat_bits in checkpoint [ 45.853267][ T856] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 45.863131][ T856] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 856] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 856] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 854] <... futex resumed>) = 0 [pid 856] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 854] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 856] <... futex resumed>) = 0 [pid 854] <... futex resumed>) = 1 [pid 856] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 856] <... open resumed>) = 5 [pid 856] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 854] <... futex resumed>) = 0 [pid 856] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 854] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 856] <... futex resumed>) = 0 [pid 854] <... futex resumed>) = 1 [pid 856] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 854] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 856] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 854] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 856] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 854] close(3) = 0 [pid 854] close(4) = 0 [pid 854] close(5) = 0 [pid 854] close(6) = -1 EBADF (Bad file descriptor) [pid 854] close(7) = -1 EBADF (Bad file descriptor) [pid 854] close(8) = -1 EBADF (Bad file descriptor) [pid 854] close(9) = -1 EBADF (Bad file descriptor) [pid 854] close(10) = -1 EBADF (Bad file descriptor) [pid 854] close(11) = -1 EBADF (Bad file descriptor) [pid 854] close(12) = -1 EBADF (Bad file descriptor) [pid 854] close(13) = -1 EBADF (Bad file descriptor) [pid 854] close(14) = -1 EBADF (Bad file descriptor) [pid 854] close(15) = -1 EBADF (Bad file descriptor) [pid 854] close(16) = -1 EBADF (Bad file descriptor) [pid 854] close(17) = -1 EBADF (Bad file descriptor) [pid 854] close(18) = -1 EBADF (Bad file descriptor) [pid 854] close(19) = -1 EBADF (Bad file descriptor) [pid 854] close(20) = -1 EBADF (Bad file descriptor) [pid 854] close(21) = -1 EBADF (Bad file descriptor) [pid 854] close(22) = -1 EBADF (Bad file descriptor) [pid 854] close(23) = -1 EBADF (Bad file descriptor) [pid 854] close(24) = -1 EBADF (Bad file descriptor) [pid 854] close(25) = -1 EBADF (Bad file descriptor) [pid 854] close(26) = -1 EBADF (Bad file descriptor) [pid 854] close(27) = -1 EBADF (Bad file descriptor) [pid 854] close(28) = -1 EBADF (Bad file descriptor) [pid 854] close(29) = -1 EBADF (Bad file descriptor) [pid 854] exit_group(0 [pid 856] <... futex resumed>) = ? [pid 854] <... exit_group resumed>) = ? [pid 856] +++ exited with 0 +++ [pid 854] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 293] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [ 45.896002][ T856] F2FS-fs (loop2): switch discard_unit option is not allowed [ 45.935515][ T293] bio_check_eod: 12 callbacks suppressed [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 865] <... write resumed>) = 20699119 [pid 866] <... write resumed>) = 20699119 [pid 866] munmap(0x7fc71771c000, 138412032) = 0 [pid 866] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 45.935536][ T293] syz-executor248: attempt to access beyond end of device [ 45.935536][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 45.969049][ T858] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 45.985077][ T858] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 866] ioctl(4, LOOP_SET_FD, 3 [pid 865] munmap(0x7fc71771c000, 138412032) = 0 [pid 865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 866] <... ioctl resumed>) = 0 [pid 866] close(3) = 0 [pid 866] close(4) = 0 [pid 866] mkdir("./file4", 0777) = 0 [pid 866] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 865] ioctl(4, LOOP_SET_FD, 3 [pid 872] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 858] <... mount resumed>) = 0 [pid 865] <... ioctl resumed>) = 0 [pid 865] close(3) = 0 [pid 865] close(4) = 0 [pid 865] mkdir("./file4", 0777) = 0 [pid 865] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 858] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 858] chdir("./file4") = 0 [pid 858] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 858] ioctl(4, LOOP_CLR_FD) = 0 [pid 858] close(4) = 0 [pid 858] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 857] <... futex resumed>) = 0 [ 46.002531][ T866] loop4: detected capacity change from 0 to 40427 [ 46.015045][ T866] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 46.021650][ T865] loop1: detected capacity change from 0 to 40427 [ 46.025008][ T866] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 46.038945][ T865] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [pid 857] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 858] fspick(AT_FDCWD, ".", 0 [pid 857] <... futex resumed>) = 0 [pid 858] <... fspick resumed>) = 4 [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 858] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 857] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 858] <... futex resumed>) = 0 [pid 857] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 858] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 857] <... futex resumed>) = 0 [ 46.050872][ T865] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 46.059476][ T866] F2FS-fs (loop4): fault_injection options not supported [ 46.078323][ T865] F2FS-fs (loop1): fault_injection options not supported [ 46.078442][ T858] F2FS-fs (loop0): switch discard_unit option is not allowed [ 46.093251][ T865] F2FS-fs (loop1): fault_type options not supported [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 858] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 858] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 857] <... futex resumed>) = 0 [pid 857] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 858] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 858] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 857] <... futex resumed>) = 0 [pid 857] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 857] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 858] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 858] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 857] <... futex resumed>) = 0 [pid 857] close(3) = 0 [pid 857] close(4) = 0 [pid 857] close(5) = 0 [pid 857] close(6) = -1 EBADF (Bad file descriptor) [pid 858] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 857] close(7) = -1 EBADF (Bad file descriptor) [pid 857] close(8) = -1 EBADF (Bad file descriptor) [pid 857] close(9) = -1 EBADF (Bad file descriptor) [pid 857] close(10) = -1 EBADF (Bad file descriptor) [pid 857] close(11) = -1 EBADF (Bad file descriptor) [pid 857] close(12) = -1 EBADF (Bad file descriptor) [pid 857] close(13) = -1 EBADF (Bad file descriptor) [pid 857] close(14) = -1 EBADF (Bad file descriptor) [pid 857] close(15) = -1 EBADF (Bad file descriptor) [pid 857] close(16) = -1 EBADF (Bad file descriptor) [pid 857] close(17) = -1 EBADF (Bad file descriptor) [pid 857] close(18) = -1 EBADF (Bad file descriptor) [pid 857] close(19) = -1 EBADF (Bad file descriptor) [pid 857] close(20) = -1 EBADF (Bad file descriptor) [pid 857] close(21) = -1 EBADF (Bad file descriptor) [pid 857] close(22) = -1 EBADF (Bad file descriptor) [pid 857] close(23) = -1 EBADF (Bad file descriptor) [pid 857] close(24) = -1 EBADF (Bad file descriptor) [pid 857] close(25) = -1 EBADF (Bad file descriptor) [pid 857] close(26) = -1 EBADF (Bad file descriptor) [pid 857] close(27) = -1 EBADF (Bad file descriptor) [pid 857] close(28) = -1 EBADF (Bad file descriptor) [pid 857] close(29) = -1 EBADF (Bad file descriptor) [pid 857] exit_group(0 [pid 858] <... futex resumed>) = ? [pid 857] <... exit_group resumed>) = ? [pid 858] +++ exited with 0 +++ [pid 857] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=39, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 46.105298][ T865] F2FS-fs (loop1): invalid crc value [ 46.114587][ T866] F2FS-fs (loop4): fault_type options not supported [ 46.127971][ T865] F2FS-fs (loop1): Found nat_bits in checkpoint [ 46.131332][ T866] F2FS-fs (loop4): invalid crc value [pid 294] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 865] <... mount resumed>) = 0 [pid 865] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 865] chdir("./file4") = 0 [pid 865] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 865] ioctl(4, LOOP_CLR_FD) = 0 [pid 865] close(4 [pid 872] <... write resumed>) = 20699119 [pid 865] <... close resumed>) = 0 [pid 872] munmap(0x7fc71771c000, 138412032 [pid 865] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] <... munmap resumed>) = 0 [pid 865] <... futex resumed>) = 1 [pid 872] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 865] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 863] <... futex resumed>) = 0 [pid 872] <... openat resumed>) = 4 [pid 872] ioctl(4, LOOP_SET_FD, 3 [pid 863] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 46.173884][ T294] syz-executor248: attempt to access beyond end of device [ 46.173884][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 46.176157][ T866] F2FS-fs (loop4): Found nat_bits in checkpoint [ 46.195841][ T865] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 46.210377][ T865] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 865] <... futex resumed>) = 0 [pid 865] fspick(AT_FDCWD, ".", 0) = 4 [pid 865] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 863] <... futex resumed>) = 0 [pid 865] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 863] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 865] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 863] <... futex resumed>) = 0 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 865] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 872] <... ioctl resumed>) = 0 [pid 865] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] close(3 [pid 865] <... futex resumed>) = 1 [pid 863] <... futex resumed>) = 0 [pid 872] <... close resumed>) = 0 [pid 865] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 872] close(4 [pid 863] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 865] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 863] <... futex resumed>) = 0 [pid 872] <... close resumed>) = 0 [pid 865] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 865] <... open resumed>) = 5 [pid 872] mkdir("./file4", 0777 [pid 865] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] <... mkdir resumed>) = 0 [pid 865] <... futex resumed>) = 1 [pid 863] <... futex resumed>) = 0 [pid 872] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 865] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 863] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 863] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 865] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 865] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 865] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 863] <... futex resumed>) = 0 [pid 865] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 863] close(3) = 0 [pid 863] close(4) = 0 [pid 863] close(5) = 0 [pid 863] close(6) = -1 EBADF (Bad file descriptor) [pid 863] close(7) = -1 EBADF (Bad file descriptor) [pid 863] close(8) = -1 EBADF (Bad file descriptor) [pid 863] close(9) = -1 EBADF (Bad file descriptor) [pid 863] close(10) = -1 EBADF (Bad file descriptor) [pid 863] close(11) = -1 EBADF (Bad file descriptor) [pid 863] close(12) = -1 EBADF (Bad file descriptor) [pid 863] close(13) = -1 EBADF (Bad file descriptor) [pid 863] close(14) = -1 EBADF (Bad file descriptor) [pid 863] close(15) = -1 EBADF (Bad file descriptor) [pid 863] close(16) = -1 EBADF (Bad file descriptor) [pid 863] close(17) = -1 EBADF (Bad file descriptor) [pid 863] close(18) = -1 EBADF (Bad file descriptor) [pid 863] close(19) = -1 EBADF (Bad file descriptor) [pid 863] close(20) = -1 EBADF (Bad file descriptor) [pid 863] close(21) = -1 EBADF (Bad file descriptor) [pid 863] close(22) = -1 EBADF (Bad file descriptor) [pid 863] close(23) = -1 EBADF (Bad file descriptor) [pid 863] close(24) = -1 EBADF (Bad file descriptor) [pid 863] close(25) = -1 EBADF (Bad file descriptor) [pid 863] close(26) = -1 EBADF (Bad file descriptor) [pid 863] close(27) = -1 EBADF (Bad file descriptor) [pid 863] close(28) = -1 EBADF (Bad file descriptor) [pid 863] close(29) = -1 EBADF (Bad file descriptor) [pid 863] exit_group(0 [pid 865] <... futex resumed>) = ? [pid 863] <... exit_group resumed>) = ? [pid 865] +++ exited with 0 +++ [pid 863] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [ 46.232683][ T872] loop3: detected capacity change from 0 to 40427 [ 46.242344][ T865] F2FS-fs (loop1): switch discard_unit option is not allowed [ 46.268965][ T872] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 46.281934][ T872] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 46.292410][ T297] syz-executor248: attempt to access beyond end of device [ 46.292410][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 46.292475][ T872] F2FS-fs (loop3): fault_injection options not supported [ 46.309361][ T866] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 46.321262][ T872] F2FS-fs (loop3): fault_type options not supported [pid 293] newfstatat(AT_FDCWD, "./18/file4", [pid 866] <... mount resumed>) = 0 [pid 866] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 866] chdir("./file4") = 0 [pid 866] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 866] ioctl(4, LOOP_CLR_FD) = 0 [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./18/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./18/file4") = 0 [pid 293] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./18/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./18") = 0 [pid 293] mkdir("./19", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 40 [pid 866] close(4) = 0 [pid 866] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 864] <... futex resumed>) = 0 [pid 864] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 866] fspick(AT_FDCWD, ".", 0) = 4 [pid 866] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 886 attached [pid 886] set_robust_list(0x5555875796a0, 24 [pid 866] <... futex resumed>) = 1 [pid 864] <... futex resumed>) = 0 [pid 886] <... set_robust_list resumed>) = 0 [pid 864] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 886] chdir("./19" [pid 864] <... futex resumed>) = 0 [pid 886] <... chdir resumed>) = 0 [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 886] prctl(PR_SET_PDEATHSIG, SIGKILL [ 46.338555][ T866] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 46.343741][ T872] F2FS-fs (loop3): invalid crc value [pid 866] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 886] <... prctl resumed>) = 0 [pid 886] setpgid(0, 0) = 0 [pid 886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 886] write(3, "1000", 4) = 4 [pid 886] close(3) = 0 [pid 886] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 886] write(1, "executing program\n", 18) = 18 [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 886] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 886] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 886] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 886] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 886] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 886] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[41]}, 88) = 41 [pid 886] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 886] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 888 attached [pid 888] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 888] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 888] memfd_create("syzkaller", 0) = 3 [pid 866] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 866] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 864] <... futex resumed>) = 0 [pid 888] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 866] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 864] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 888] <... mmap resumed>) = 0x7fc71771c000 [pid 864] <... futex resumed>) = 1 [pid 866] <... futex resumed>) = 0 [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 866] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 866] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 866] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 864] <... futex resumed>) = 0 [pid 864] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 866] <... futex resumed>) = 0 [pid 866] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 864] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 866] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 866] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 864] <... futex resumed>) = 0 [pid 866] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 864] close(3) = 0 [pid 864] close(4) = 0 [pid 864] close(5) = 0 [pid 864] close(6) = -1 EBADF (Bad file descriptor) [pid 864] close(7) = -1 EBADF (Bad file descriptor) [pid 864] close(8) = -1 EBADF (Bad file descriptor) [pid 864] close(9) = -1 EBADF (Bad file descriptor) [pid 864] close(10) = -1 EBADF (Bad file descriptor) [pid 864] close(11) = -1 EBADF (Bad file descriptor) [pid 864] close(12) = -1 EBADF (Bad file descriptor) [pid 864] close(13) = -1 EBADF (Bad file descriptor) [pid 864] close(14) = -1 EBADF (Bad file descriptor) [pid 864] close(15) = -1 EBADF (Bad file descriptor) [pid 864] close(16) = -1 EBADF (Bad file descriptor) [pid 864] close(17) = -1 EBADF (Bad file descriptor) [pid 864] close(18) = -1 EBADF (Bad file descriptor) [pid 864] close(19) = -1 EBADF (Bad file descriptor) [pid 864] close(20) = -1 EBADF (Bad file descriptor) [pid 864] close(21) = -1 EBADF (Bad file descriptor) [pid 864] close(22) = -1 EBADF (Bad file descriptor) [pid 864] close(23) = -1 EBADF (Bad file descriptor) [pid 864] close(24) = -1 EBADF (Bad file descriptor) [pid 864] close(25) = -1 EBADF (Bad file descriptor) [pid 864] close(26) = -1 EBADF (Bad file descriptor) [pid 864] close(27) = -1 EBADF (Bad file descriptor) [pid 864] close(28) = -1 EBADF (Bad file descriptor) [pid 864] close(29) = -1 EBADF (Bad file descriptor) [pid 864] exit_group(0) = ? [pid 866] <... futex resumed>) = ? [pid 866] +++ exited with 0 +++ [pid 864] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=38, si_uid=0, si_status=0, si_utime=9, si_stime=19} --- [ 46.379482][ T866] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./18/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./18/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./18/file4") = 0 [pid 294] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./18/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./18") = 0 [pid 294] mkdir("./19", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 41 [ 46.425860][ T872] F2FS-fs (loop3): Found nat_bits in checkpoint [ 46.432931][ T299] syz-executor248: attempt to access beyond end of device [ 46.432931][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 ./strace-static-x86_64: Process 890 attached [pid 890] set_robust_list(0x5555875796a0, 24) = 0 [pid 890] chdir("./19") = 0 [pid 890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 890] setpgid(0, 0) = 0 [pid 890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 890] write(3, "1000", 4) = 4 [pid 890] close(3) = 0 [pid 890] symlink("/dev/binderfs", "./binderfs") = 0 [pid 890] write(1, "executing program\n", 18executing program ) = 18 [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 890] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 890] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 890] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 890] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 890] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 890] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[42]}, 88) = 42 [pid 890] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 890] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 891 attached [pid 891] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 891] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 891] memfd_create("syzkaller", 0) = 3 [pid 891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 872] <... mount resumed>) = 0 [pid 872] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 872] chdir("./file4") = 0 [pid 872] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 872] ioctl(4, LOOP_CLR_FD) = 0 [pid 872] close(4) = 0 [pid 872] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 870] <... futex resumed>) = 0 [pid 870] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] fspick(AT_FDCWD, ".", 0) = 4 [pid 870] <... futex resumed>) = 0 [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 872] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 870] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 872] <... futex resumed>) = 0 [pid 872] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 870] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 870] <... futex resumed>) = 0 [pid 872] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 46.530585][ T872] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 46.547939][ T872] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 872] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 872] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 870] <... futex resumed>) = 0 [pid 870] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 872] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 870] <... futex resumed>) = 0 [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 872] <... open resumed>) = 5 [pid 297] <... umount2 resumed>) = 0 [pid 872] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./19/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 870] <... futex resumed>) = 0 [pid 872] <... futex resumed>) = 1 [pid 297] openat(AT_FDCWD, "./19/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 872] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 870] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... openat resumed>) = 4 [pid 870] <... futex resumed>) = 0 [pid 872] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 870] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 872] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 872] <... futex resumed>) = 0 [pid 870] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./19/file4" [pid 870] close(3 [pid 872] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 870] <... close resumed>) = 0 [pid 870] close(4) = 0 [pid 870] close(5 [pid 297] <... rmdir resumed>) = 0 [pid 870] <... close resumed>) = 0 [pid 870] close(6) = -1 EBADF (Bad file descriptor) [pid 870] close(7) = -1 EBADF (Bad file descriptor) [pid 870] close(8 [pid 297] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 870] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 870] close(9) = -1 EBADF (Bad file descriptor) [pid 870] close(10) = -1 EBADF (Bad file descriptor) [pid 870] close(11 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 870] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 870] close(12) = -1 EBADF (Bad file descriptor) [pid 297] newfstatat(AT_FDCWD, "./19/binderfs", [pid 870] close(13) = -1 EBADF (Bad file descriptor) [pid 870] close(14) = -1 EBADF (Bad file descriptor) [pid 870] close(15) = -1 EBADF (Bad file descriptor) [pid 870] close(16) = -1 EBADF (Bad file descriptor) [pid 870] close(17) = -1 EBADF (Bad file descriptor) [pid 870] close(18) = -1 EBADF (Bad file descriptor) [pid 870] close(19) = -1 EBADF (Bad file descriptor) [pid 870] close(20) = -1 EBADF (Bad file descriptor) [pid 870] close(21 [pid 297] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 870] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 870] close(22) = -1 EBADF (Bad file descriptor) [pid 297] unlink("./19/binderfs" [pid 870] close(23 [pid 297] <... unlink resumed>) = 0 [pid 870] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 870] close(24) = -1 EBADF (Bad file descriptor) [pid 297] getdents64(3, [pid 870] close(25) = -1 EBADF (Bad file descriptor) [pid 870] close(26) = -1 EBADF (Bad file descriptor) [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 870] close(27) = -1 EBADF (Bad file descriptor) [pid 870] close(28) = -1 EBADF (Bad file descriptor) [pid 870] close(29) = -1 EBADF (Bad file descriptor) [pid 870] exit_group(0) = ? [pid 872] <... futex resumed>) = ? [pid 297] close(3) = 0 [pid 872] +++ exited with 0 +++ [pid 870] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 297] rmdir("./19") = 0 [pid 297] mkdir("./20", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 42 ./strace-static-x86_64: Process 893 attached [pid 893] set_robust_list(0x5555875796a0, 24) = 0 [pid 893] chdir("./20") = 0 [pid 893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 893] setpgid(0, 0) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", [pid 893] <... openat resumed>) = 3 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 893] write(3, "1000", 4) = 4 [pid 893] close(3) = 0 [pid 893] symlink("/dev/binderfs", "./binderfs") = 0 [pid 893] write(1, "executing program\n", 18executing program ) = 18 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 893] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 893] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 893] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 893] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 893] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[43]}, 88) = 43 [pid 893] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 893] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 894 attached [pid 894] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 894] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 894] memfd_create("syzkaller", 0) = 3 [pid 894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 46.573204][ T872] F2FS-fs (loop3): switch discard_unit option is not allowed [ 46.606958][ T298] syz-executor248: attempt to access beyond end of device [ 46.606958][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 888] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./18/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./18/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./18/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./18/file4") = 0 [pid 299] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./18/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./18") = 0 [pid 299] mkdir("./19", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 40 ./strace-static-x86_64: Process 895 attached [pid 895] set_robust_list(0x5555875796a0, 24) = 0 [pid 895] chdir("./19") = 0 [pid 895] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 895] setpgid(0, 0) = 0 [pid 895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 895] write(3, "1000", 4) = 4 [pid 895] close(3) = 0 [pid 895] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 895] write(1, "executing program\n", 18) = 18 [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 895] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 895] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 895] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 895] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 895] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 895] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[41]}, 88) = 41 [pid 895] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 895] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 896 attached [pid 896] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 896] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 896] memfd_create("syzkaller", 0) = 3 [pid 896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 891] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 888] <... write resumed>) = 20699119 [pid 888] munmap(0x7fc71771c000, 138412032) = 0 [pid 888] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 888] ioctl(4, LOOP_SET_FD, 3 [pid 298] <... umount2 resumed>) = 0 [pid 888] <... ioctl resumed>) = 0 [pid 888] close(3) = 0 [pid 888] close(4) = 0 [pid 888] mkdir("./file4", 0777) = 0 [pid 888] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./19/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./19/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./19/file4") = 0 [pid 298] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./19/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./19") = 0 [pid 298] mkdir("./20", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 42 [pid 894] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 897 attached [ 46.840471][ T888] loop2: detected capacity change from 0 to 40427 [ 46.864088][ T888] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 46.875530][ T888] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 897] set_robust_list(0x5555875796a0, 24) = 0 [pid 897] chdir("./20") = 0 [pid 897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 897] setpgid(0, 0) = 0 [pid 897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 897] write(3, "1000", 4) = 4 [pid 897] close(3) = 0 [pid 897] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 897] write(1, "executing program\n", 18) = 18 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 897] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 897] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[43]}, 88) = 43 [pid 897] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 897] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 898 attached [pid 898] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 898] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 898] memfd_create("syzkaller", 0) = 3 [pid 898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 891] <... write resumed>) = 20699119 [pid 891] munmap(0x7fc71771c000, 138412032) = 0 [pid 891] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 46.910195][ T888] F2FS-fs (loop2): fault_injection options not supported [ 46.927895][ T888] F2FS-fs (loop2): fault_type options not supported [ 46.946000][ T888] F2FS-fs (loop2): invalid crc value [pid 891] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 891] close(3) = 0 [pid 891] close(4) = 0 [pid 891] mkdir("./file4", 0777) = 0 [ 46.960904][ T891] loop0: detected capacity change from 0 to 40427 [ 46.968461][ T888] F2FS-fs (loop2): Found nat_bits in checkpoint [ 46.985887][ T891] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 891] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 896] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 894] <... write resumed>) = 20699119 [pid 894] munmap(0x7fc71771c000, 138412032) = 0 [pid 894] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 47.013719][ T891] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 47.040536][ T891] F2FS-fs (loop0): fault_injection options not supported [ 47.048827][ T894] loop1: detected capacity change from 0 to 40427 [pid 894] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 894] close(3) = 0 [pid 894] close(4) = 0 [pid 894] mkdir("./file4", 0777) = 0 [ 47.058335][ T891] F2FS-fs (loop0): fault_type options not supported [ 47.075974][ T894] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 47.083794][ T891] F2FS-fs (loop0): invalid crc value [ 47.089625][ T888] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 47.100358][ T888] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 894] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 888] <... mount resumed>) = 0 [pid 888] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 888] chdir("./file4") = 0 [pid 888] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 888] ioctl(4, LOOP_CLR_FD) = 0 [pid 888] close(4) = 0 [pid 888] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 886] <... futex resumed>) = 0 [pid 888] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 886] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 888] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 886] <... futex resumed>) = 0 [pid 888] fspick(AT_FDCWD, ".", 0 [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 888] <... fspick resumed>) = 4 [pid 888] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 886] <... futex resumed>) = 0 [pid 888] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 886] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 888] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 886] <... futex resumed>) = 0 [pid 888] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 888] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 888] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 886] <... futex resumed>) = 0 [pid 888] <... futex resumed>) = 1 [pid 886] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 888] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 886] <... futex resumed>) = 0 [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 888] <... open resumed>) = 5 [pid 888] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 886] <... futex resumed>) = 0 [pid 888] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 886] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 888] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 886] <... futex resumed>) = 0 [pid 888] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 886] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 888] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 888] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 886] <... futex resumed>) = 0 [pid 888] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 886] close(3) = 0 [pid 886] close(4) = 0 [pid 886] close(5) = 0 [pid 886] close(6) = -1 EBADF (Bad file descriptor) [pid 886] close(7) = -1 EBADF (Bad file descriptor) [pid 886] close(8) = -1 EBADF (Bad file descriptor) [pid 886] close(9) = -1 EBADF (Bad file descriptor) [pid 886] close(10) = -1 EBADF (Bad file descriptor) [pid 886] close(11) = -1 EBADF (Bad file descriptor) [pid 886] close(12) = -1 EBADF (Bad file descriptor) [pid 886] close(13) = -1 EBADF (Bad file descriptor) [pid 886] close(14) = -1 EBADF (Bad file descriptor) [pid 886] close(15) = -1 EBADF (Bad file descriptor) [pid 886] close(16) = -1 EBADF (Bad file descriptor) [pid 886] close(17) = -1 EBADF (Bad file descriptor) [pid 886] close(18) = -1 EBADF (Bad file descriptor) [pid 886] close(19) = -1 EBADF (Bad file descriptor) [pid 886] close(20) = -1 EBADF (Bad file descriptor) [pid 886] close(21) = -1 EBADF (Bad file descriptor) [pid 886] close(22) = -1 EBADF (Bad file descriptor) [pid 886] close(23) = -1 EBADF (Bad file descriptor) [pid 886] close(24) = -1 EBADF (Bad file descriptor) [pid 886] close(25) = -1 EBADF (Bad file descriptor) [pid 886] close(26) = -1 EBADF (Bad file descriptor) [pid 886] close(27) = -1 EBADF (Bad file descriptor) [pid 886] close(28) = -1 EBADF (Bad file descriptor) [pid 886] close(29) = -1 EBADF (Bad file descriptor) [pid 886] exit_group(0 [pid 888] <... futex resumed>) = ? [pid 886] <... exit_group resumed>) = ? [pid 888] +++ exited with 0 +++ [pid 886] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 898] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... restart_syscall resumed>) = 0 [pid 293] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 47.104723][ T894] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 47.128873][ T891] F2FS-fs (loop0): Found nat_bits in checkpoint [ 47.136577][ T888] F2FS-fs (loop2): switch discard_unit option is not allowed [ 47.140256][ T894] F2FS-fs (loop1): fault_injection options not supported [pid 293] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 896] <... write resumed>) = 20699119 [pid 896] munmap(0x7fc71771c000, 138412032) = 0 [pid 896] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 896] close(3) = 0 [pid 896] close(4) = 0 [pid 896] mkdir("./file4", 0777) = 0 [ 47.175011][ T293] syz-executor248: attempt to access beyond end of device [ 47.175011][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 47.184681][ T894] F2FS-fs (loop1): fault_type options not supported [ 47.204373][ T896] loop4: detected capacity change from 0 to 40427 [ 47.211810][ T894] F2FS-fs (loop1): invalid crc value [ 47.227601][ T896] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 47.246112][ T896] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 47.246460][ T891] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 47.255995][ T896] F2FS-fs (loop4): fault_injection options not supported [ 47.269658][ T896] F2FS-fs (loop4): fault_type options not supported [pid 896] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 891] <... mount resumed>) = 0 [pid 891] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 891] chdir("./file4") = 0 [pid 891] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 891] ioctl(4, LOOP_CLR_FD) = 0 [pid 891] close(4) = 0 [pid 891] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 890] <... futex resumed>) = 0 [pid 891] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 890] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 890] <... futex resumed>) = 0 [pid 891] fspick(AT_FDCWD, ".", 0 [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 891] <... fspick resumed>) = 4 [pid 891] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 890] <... futex resumed>) = 0 [pid 891] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 890] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 890] <... futex resumed>) = 0 [pid 891] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 47.278511][ T894] F2FS-fs (loop1): Found nat_bits in checkpoint [ 47.280521][ T891] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 47.292829][ T896] F2FS-fs (loop4): invalid crc value [ 47.317736][ T896] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 891] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 891] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 890] <... futex resumed>) = 0 [pid 891] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 890] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 890] <... futex resumed>) = 0 [pid 891] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 891] <... open resumed>) = 5 [pid 891] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 890] <... futex resumed>) = 0 [pid 891] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 890] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 891] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 890] <... futex resumed>) = 0 [pid 891] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 890] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 891] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 891] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 890] <... futex resumed>) = 0 [pid 890] close(3 [pid 891] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 890] <... close resumed>) = 0 [pid 898] <... write resumed>) = 20699119 [pid 890] close(4 [pid 898] munmap(0x7fc71771c000, 138412032 [pid 890] <... close resumed>) = 0 [pid 890] close(5) = 0 [pid 890] close(6) = -1 EBADF (Bad file descriptor) [pid 890] close(7) = -1 EBADF (Bad file descriptor) [pid 890] close(8) = -1 EBADF (Bad file descriptor) [pid 890] close(9 [pid 898] <... munmap resumed>) = 0 [pid 898] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 890] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 898] <... openat resumed>) = 4 [pid 890] close(10 [pid 898] ioctl(4, LOOP_SET_FD, 3 [pid 890] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 890] close(11) = -1 EBADF (Bad file descriptor) [pid 890] close(12) = -1 EBADF (Bad file descriptor) [pid 890] close(13) = -1 EBADF (Bad file descriptor) [pid 890] close(14) = -1 EBADF (Bad file descriptor) [pid 890] close(15) = -1 EBADF (Bad file descriptor) [pid 890] close(16) = -1 EBADF (Bad file descriptor) [pid 890] close(17) = -1 EBADF (Bad file descriptor) [pid 890] close(18) = -1 EBADF (Bad file descriptor) [pid 890] close(19) = -1 EBADF (Bad file descriptor) [pid 890] close(20) = -1 EBADF (Bad file descriptor) [pid 890] close(21) = -1 EBADF (Bad file descriptor) [pid 890] close(22) = -1 EBADF (Bad file descriptor) [pid 890] close(23) = -1 EBADF (Bad file descriptor) [pid 890] close(24) = -1 EBADF (Bad file descriptor) [pid 890] close(25) = -1 EBADF (Bad file descriptor) [pid 890] close(26) = -1 EBADF (Bad file descriptor) [pid 890] close(27) = -1 EBADF (Bad file descriptor) [pid 890] close(28) = -1 EBADF (Bad file descriptor) [pid 890] close(29) = -1 EBADF (Bad file descriptor) [pid 890] exit_group(0 [pid 891] <... futex resumed>) = ? [pid 890] <... exit_group resumed>) = ? [pid 891] +++ exited with 0 +++ [pid 890] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=41, si_uid=0, si_status=0, si_utime=8, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 47.336611][ T891] F2FS-fs (loop0): switch discard_unit option is not allowed [ 47.361250][ T898] loop3: detected capacity change from 0 to 40427 [ 47.379958][ T894] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [pid 898] <... ioctl resumed>) = 0 [pid 293] <... umount2 resumed>) = 0 [pid 898] close(3) = 0 [pid 294] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 898] close(4 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 898] <... close resumed>) = 0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 898] mkdir("./file4", 0777 [pid 294] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 898] <... mkdir resumed>) = 0 [pid 294] <... openat resumed>) = 3 [pid 293] newfstatat(AT_FDCWD, "./19/file4", [pid 898] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] newfstatat(3, "", [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, [pid 293] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 47.391013][ T898] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 47.398139][ T898] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 47.400785][ T894] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 47.410456][ T898] F2FS-fs (loop3): fault_injection options not supported [ 47.414297][ T294] syz-executor248: attempt to access beyond end of device [ 47.414297][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 293] openat(AT_FDCWD, "./19/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 894] <... mount resumed>) = 0 [pid 894] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 293] <... openat resumed>) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 894] <... openat resumed>) = 3 [pid 293] rmdir("./19/file4") = 0 [pid 293] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./19/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./19") = 0 [pid 293] mkdir("./20", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 42 [pid 894] chdir("./file4") = 0 [pid 894] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 894] ioctl(4, LOOP_CLR_FD) = 0 [pid 894] close(4) = 0 [pid 894] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 893] <... futex resumed>) = 0 [pid 893] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 894] <... futex resumed>) = 1 [pid 894] fspick(AT_FDCWD, ".", 0) = 4 [pid 894] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 893] <... futex resumed>) = 0 [pid 893] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 894] <... futex resumed>) = 1 [pid 894] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 915 attached ) = -1 EINVAL (Invalid argument) [pid 894] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 893] <... futex resumed>) = 0 [pid 893] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 894] <... futex resumed>) = 1 [pid 894] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 894] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 893] <... futex resumed>) = 0 [pid 893] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 893] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 894] <... futex resumed>) = 1 [pid 894] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 915] set_robust_list(0x5555875796a0, 24 [pid 894] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 893] <... futex resumed>) = 0 [pid 893] close(3) = 0 [pid 893] close(4) = 0 [pid 893] close(5) = 0 [pid 893] close(6) = -1 EBADF (Bad file descriptor) [pid 893] close(7) = -1 EBADF (Bad file descriptor) [pid 893] close(8) = -1 EBADF (Bad file descriptor) [pid 893] close(9) = -1 EBADF (Bad file descriptor) [pid 893] close(10) = -1 EBADF (Bad file descriptor) [pid 893] close(11) = -1 EBADF (Bad file descriptor) [pid 893] close(12) = -1 EBADF (Bad file descriptor) [pid 893] close(13) = -1 EBADF (Bad file descriptor) [pid 893] close(14) = -1 EBADF (Bad file descriptor) [pid 893] close(15) = -1 EBADF (Bad file descriptor) [pid 893] close(16) = -1 EBADF (Bad file descriptor) [pid 893] close(17) = -1 EBADF (Bad file descriptor) [pid 893] close(18) = -1 EBADF (Bad file descriptor) [pid 893] close(19) = -1 EBADF (Bad file descriptor) [pid 893] close(20) = -1 EBADF (Bad file descriptor) [pid 893] close(21) = -1 EBADF (Bad file descriptor) [pid 893] close(22) = -1 EBADF (Bad file descriptor) [pid 893] close(23) = -1 EBADF (Bad file descriptor) [pid 893] close(24) = -1 EBADF (Bad file descriptor) [pid 893] close(25) = -1 EBADF (Bad file descriptor) [pid 893] close(26) = -1 EBADF (Bad file descriptor) [pid 893] close(27) = -1 EBADF (Bad file descriptor) [pid 893] close(28) = -1 EBADF (Bad file descriptor) [pid 893] close(29) = -1 EBADF (Bad file descriptor) [pid 893] exit_group(0) = ? [pid 894] <... futex resumed>) = ? [pid 915] <... set_robust_list resumed>) = 0 [pid 915] chdir("./20" [pid 896] <... mount resumed>) = 0 [pid 915] <... chdir resumed>) = 0 [pid 896] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 896] chdir("./file4") = 0 [pid 915] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 896] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 915] <... prctl resumed>) = 0 [pid 896] <... openat resumed>) = 4 [pid 896] ioctl(4, LOOP_CLR_FD) = 0 [pid 896] close(4 [pid 915] setpgid(0, 0 [pid 896] <... close resumed>) = 0 [pid 894] +++ exited with 0 +++ [pid 893] +++ exited with 0 +++ [pid 915] <... setpgid resumed>) = 0 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 915] <... openat resumed>) = 3 [pid 915] write(3, "1000", 4) = 4 [pid 915] close(3) = 0 executing program [pid 915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 915] write(1, "executing program\n", 18) = 18 [pid 915] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [ 47.421235][ T898] F2FS-fs (loop3): fault_type options not supported [ 47.453450][ T898] F2FS-fs (loop3): invalid crc value [ 47.459151][ T896] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 47.468429][ T894] F2FS-fs (loop1): switch discard_unit option is not allowed [ 47.476548][ T896] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 915] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 915] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[43]}, 88) = 43 [pid 915] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 915] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 896] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 896] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 895] <... futex resumed>) = 0 [pid 895] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 896] <... futex resumed>) = 0 [pid 895] <... futex resumed>) = 1 [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 896] fspick(AT_FDCWD, ".", 0) = 4 [pid 896] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 895] <... futex resumed>) = 0 [pid 895] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 896] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 895] <... futex resumed>) = 0 ./strace-static-x86_64: Process 919 attached [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 919] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 919] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 896] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 919] memfd_create("syzkaller", 0 [pid 896] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 895] <... futex resumed>) = 0 [pid 919] <... memfd_create resumed>) = 3 [pid 895] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 895] <... futex resumed>) = 0 [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 896] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 896] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 895] <... futex resumed>) = 0 [pid 895] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 895] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 896] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 896] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 895] <... futex resumed>) = 0 [pid 895] close(3) = 0 [pid 895] close(4 [pid 896] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 895] <... close resumed>) = 0 [pid 895] close(5) = 0 [pid 895] close(6) = -1 EBADF (Bad file descriptor) [pid 895] close(7) = -1 EBADF (Bad file descriptor) [pid 895] close(8) = -1 EBADF (Bad file descriptor) [pid 895] close(9) = -1 EBADF (Bad file descriptor) [pid 895] close(10) = -1 EBADF (Bad file descriptor) [pid 895] close(11) = -1 EBADF (Bad file descriptor) [pid 895] close(12) = -1 EBADF (Bad file descriptor) [pid 895] close(13) = -1 EBADF (Bad file descriptor) [pid 895] close(14) = -1 EBADF (Bad file descriptor) [pid 895] close(15) = -1 EBADF (Bad file descriptor) [pid 895] close(16) = -1 EBADF (Bad file descriptor) [pid 895] close(17) = -1 EBADF (Bad file descriptor) [pid 895] close(18) = -1 EBADF (Bad file descriptor) [pid 895] close(19) = -1 EBADF (Bad file descriptor) [pid 895] close(20) = -1 EBADF (Bad file descriptor) [pid 895] close(21) = -1 EBADF (Bad file descriptor) [pid 895] close(22) = -1 EBADF (Bad file descriptor) [pid 895] close(23) = -1 EBADF (Bad file descriptor) [pid 895] close(24) = -1 EBADF (Bad file descriptor) [pid 895] close(25) = -1 EBADF (Bad file descriptor) [pid 895] close(26) = -1 EBADF (Bad file descriptor) [pid 895] close(27) = -1 EBADF (Bad file descriptor) [pid 895] close(28) = -1 EBADF (Bad file descriptor) [pid 895] close(29) = -1 EBADF (Bad file descriptor) [pid 895] exit_group(0) = ? [pid 896] <... futex resumed>) = ? [pid 896] +++ exited with 0 +++ [pid 895] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=40, si_uid=0, si_status=0, si_utime=6, si_stime=23} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 47.495092][ T898] F2FS-fs (loop3): Found nat_bits in checkpoint [ 47.502138][ T297] syz-executor248: attempt to access beyond end of device [ 47.502138][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 47.523600][ T896] F2FS-fs (loop4): switch discard_unit option is not allowed [ 47.556225][ T299] syz-executor248: attempt to access beyond end of device [ 47.556225][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 299] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 898] <... mount resumed>) = 0 [pid 898] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 898] chdir("./file4") = 0 [pid 898] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 898] ioctl(4, LOOP_CLR_FD) = 0 [pid 898] close(4) = 0 [pid 898] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 897] <... futex resumed>) = 0 [pid 898] <... futex resumed>) = 1 [pid 898] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 897] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 898] <... futex resumed>) = 0 [pid 898] fspick(AT_FDCWD, ".", 0) = 4 [pid 898] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 898] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 897] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... umount2 resumed>) = 0 [pid 898] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 898] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 898] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 898] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 897] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 898] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 898] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 897] <... futex resumed>) = 0 [pid 897] close(3) = 0 [pid 897] close(4) = 0 [pid 897] close(5) = 0 [pid 897] close(6) = -1 EBADF (Bad file descriptor) [pid 897] close(7) = -1 EBADF (Bad file descriptor) [pid 897] close(8) = -1 EBADF (Bad file descriptor) [pid 897] close(9) = -1 EBADF (Bad file descriptor) [pid 897] close(10) = -1 EBADF (Bad file descriptor) [pid 897] close(11) = -1 EBADF (Bad file descriptor) [pid 897] close(12) = -1 EBADF (Bad file descriptor) [pid 897] close(13) = -1 EBADF (Bad file descriptor) [pid 897] close(14) = -1 EBADF (Bad file descriptor) [pid 897] close(15) = -1 EBADF (Bad file descriptor) [pid 897] close(16) = -1 EBADF (Bad file descriptor) [pid 897] close(17) = -1 EBADF (Bad file descriptor) [pid 897] close(18) = -1 EBADF (Bad file descriptor) [pid 897] close(19) = -1 EBADF (Bad file descriptor) [pid 897] close(20) = -1 EBADF (Bad file descriptor) [pid 897] close(21) = -1 EBADF (Bad file descriptor) [pid 897] close(22) = -1 EBADF (Bad file descriptor) [pid 897] close(23) = -1 EBADF (Bad file descriptor) [pid 897] close(24) = -1 EBADF (Bad file descriptor) [pid 897] close(25) = -1 EBADF (Bad file descriptor) [pid 897] close(26) = -1 EBADF (Bad file descriptor) [pid 897] close(27) = -1 EBADF (Bad file descriptor) [pid 897] close(28) = -1 EBADF (Bad file descriptor) [pid 897] close(29) = -1 EBADF (Bad file descriptor) [pid 897] exit_group(0) = ? [pid 898] +++ exited with 0 +++ [pid 897] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=7, si_stime=16} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 294] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./19/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./19/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./19/file4") = 0 [pid 294] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./19/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./19") = 0 [pid 294] mkdir("./20", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 47.622436][ T898] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 47.629563][ T898] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 47.661848][ T898] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 294] close(3 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 43 ./strace-static-x86_64: Process 921 attached [pid 921] set_robust_list(0x5555875796a0, 24) = 0 [pid 921] chdir("./20") = 0 [pid 921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 921] setpgid(0, 0) = 0 [pid 921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 921] write(3, "1000", 4) = 4 [pid 921] close(3) = 0 [pid 921] symlink("/dev/binderfs", "./binderfs") = 0 [pid 921] write(1, "executing program\n", 18executing program ) = 18 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 921] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 921] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 921] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 921] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 921] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 921] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[44]}, 88) = 44 [pid 921] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 921] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 922 attached [pid 297] newfstatat(AT_FDCWD, "./20/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./20/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./20/file4") = 0 [pid 297] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./20/binderfs") = 0 [pid 922] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 922] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [ 47.706643][ T298] syz-executor248: attempt to access beyond end of device [ 47.706643][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 297] rmdir("./20") = 0 [pid 297] mkdir("./21", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3 [pid 922] memfd_create("syzkaller", 0) = 3 [pid 922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 297] <... close resumed>) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 44 ./strace-static-x86_64: Process 923 attached [pid 923] set_robust_list(0x5555875796a0, 24) = 0 [pid 923] chdir("./21") = 0 [pid 923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 923] setpgid(0, 0) = 0 [pid 923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 923] write(3, "1000", 4) = 4 [pid 923] close(3) = 0 [pid 923] symlink("/dev/binderfs", "./binderfs") = 0 [pid 923] write(1, "executing program\n", 18executing program ) = 18 [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 923] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 923] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 923] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 923] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 923] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 923] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[45]}, 88) = 45 [pid 923] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 923] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 924 attached [pid 924] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 924] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 924] memfd_create("syzkaller", 0) = 3 [pid 924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 919] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 299] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./19/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./19/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./19/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./19/file4") = 0 [pid 299] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./19/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./19") = 0 [pid 299] mkdir("./20", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 42 ./strace-static-x86_64: Process 925 attached [pid 925] set_robust_list(0x5555875796a0, 24) = 0 [pid 925] chdir("./20") = 0 [pid 925] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 925] setpgid(0, 0) = 0 [pid 925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 925] write(3, "1000", 4) = 4 executing program [pid 925] close(3) = 0 [pid 925] symlink("/dev/binderfs", "./binderfs") = 0 [pid 925] write(1, "executing program\n", 18) = 18 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 925] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 925] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 925] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 925] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 925] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[43]}, 88) = 43 [pid 925] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 925] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 926 attached [pid 926] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 926] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 926] memfd_create("syzkaller", 0) = 3 [pid 926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./20/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./20/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./20/file4") = 0 [pid 298] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./20/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./20") = 0 [pid 298] mkdir("./21", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3 [pid 922] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 919] <... write resumed>) = 20699119 [pid 298] <... close resumed>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 919] munmap(0x7fc71771c000, 138412032) = 0 [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 44 [pid 919] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 ./strace-static-x86_64: Process 927 attached [pid 927] set_robust_list(0x5555875796a0, 24) = 0 [pid 927] chdir("./21") = 0 executing program [pid 927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 919] ioctl(4, LOOP_SET_FD, 3 [pid 927] setpgid(0, 0) = 0 [pid 927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 927] write(3, "1000", 4) = 4 [pid 927] close(3) = 0 [pid 927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 927] write(1, "executing program\n", 18) = 18 [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 927] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 927] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 927] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 927] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 927] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[45]}, 88) = 45 [pid 927] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 927] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 928 attached [pid 928] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 928] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 928] memfd_create("syzkaller", 0) = 3 [pid 928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 919] <... ioctl resumed>) = 0 [pid 919] close(3) = 0 [pid 919] close(4) = 0 [pid 919] mkdir("./file4", 0777) = 0 [ 48.010577][ T919] loop2: detected capacity change from 0 to 40427 [ 48.031344][ T919] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 48.050349][ T919] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 919] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 48.058640][ T919] F2FS-fs (loop2): fault_injection options not supported [pid 924] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 48.097081][ T919] F2FS-fs (loop2): fault_type options not supported [ 48.125375][ T919] F2FS-fs (loop2): invalid crc value [pid 926] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 922] <... write resumed>) = 20699119 [pid 922] munmap(0x7fc71771c000, 138412032) = 0 [pid 922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 922] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 922] close(3) = 0 [pid 922] close(4) = 0 [pid 922] mkdir("./file4", 0777) = 0 [ 48.151155][ T919] F2FS-fs (loop2): Found nat_bits in checkpoint [ 48.190754][ T922] loop0: detected capacity change from 0 to 40427 [pid 922] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 924] <... write resumed>) = 20699119 [pid 928] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 924] munmap(0x7fc71771c000, 138412032) = 0 [pid 924] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 924] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 924] close(3) = 0 [pid 924] close(4) = 0 [ 48.221994][ T922] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 48.229178][ T922] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 48.244427][ T922] F2FS-fs (loop0): fault_injection options not supported [ 48.252375][ T922] F2FS-fs (loop0): fault_type options not supported [ 48.259196][ T924] loop1: detected capacity change from 0 to 40427 [ 48.261848][ T922] F2FS-fs (loop0): invalid crc value [pid 924] mkdir("./file4", 0777) = 0 [pid 924] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 926] <... write resumed>) = 20699119 [pid 926] munmap(0x7fc71771c000, 138412032 [pid 919] <... mount resumed>) = 0 [pid 919] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 919] chdir("./file4") = 0 [pid 919] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 919] ioctl(4, LOOP_CLR_FD) = 0 [pid 919] close(4) = 0 [ 48.273602][ T919] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 48.282184][ T924] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 48.289178][ T924] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 48.303599][ T919] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 48.304506][ T924] F2FS-fs (loop1): fault_injection options not supported [pid 919] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 915] <... futex resumed>) = 0 [pid 915] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 919] <... futex resumed>) = 1 [pid 919] fspick(AT_FDCWD, ".", 0) = 4 [pid 919] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 915] <... futex resumed>) = 0 [pid 915] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 919] <... futex resumed>) = 1 [pid 919] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 926] <... munmap resumed>) = 0 [pid 926] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 926] ioctl(4, LOOP_SET_FD, 3 [pid 919] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [ 48.318691][ T924] F2FS-fs (loop1): fault_type options not supported [ 48.325299][ T919] F2FS-fs (loop2): switch discard_unit option is not allowed [ 48.341184][ T926] loop4: detected capacity change from 0 to 40427 [ 48.357674][ T926] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 48.361529][ T924] F2FS-fs (loop1): invalid crc value [pid 926] <... ioctl resumed>) = 0 [pid 926] close(3) = 0 [pid 926] close(4) = 0 [pid 926] mkdir("./file4", 0777) = 0 [pid 926] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 915] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 915] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fafb000 [pid 915] mprotect(0x7fc71fafc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb1b990, parent_tid=0x7fc71fb1b990, exit_signal=0, stack=0x7fc71fafb000, stack_size=0x20300, tls=0x7fc71fb1b6c0} => {parent_tid=[44]}, 88) = 44 [pid 915] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 915] futex(0x7fc71fc0d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 915] futex(0x7fc71fc0d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 919] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 919] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 928] <... write resumed>) = 20699119 [pid 928] munmap(0x7fc71771c000, 138412032) = 0 [pid 928] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 928] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 938 attached [pid 938] set_robust_list(0x7fc71fb1b9a0, 24) = 0 [pid 938] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 938] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 938] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 915] <... futex resumed>) = 0 [pid 915] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 915] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 919] <... futex resumed>) = 0 [pid 919] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 919] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 915] <... futex resumed>) = 0 [pid 915] close(3) = 0 [pid 915] close(4) = 0 [pid 915] close(5) = 0 [pid 915] close(6) = -1 EBADF (Bad file descriptor) [pid 915] close(7) = -1 EBADF (Bad file descriptor) [pid 915] close(8) = -1 EBADF (Bad file descriptor) [pid 915] close(9) = -1 EBADF (Bad file descriptor) [pid 915] close(10) = -1 EBADF (Bad file descriptor) [pid 915] close(11) = -1 EBADF (Bad file descriptor) [pid 915] close(12) = -1 EBADF (Bad file descriptor) [pid 915] close(13) = -1 EBADF (Bad file descriptor) [pid 915] close(14) = -1 EBADF (Bad file descriptor) [pid 915] close(15) = -1 EBADF (Bad file descriptor) [pid 915] close(16) = -1 EBADF (Bad file descriptor) [pid 915] close(17) = -1 EBADF (Bad file descriptor) [pid 915] close(18) = -1 EBADF (Bad file descriptor) [pid 915] close(19) = -1 EBADF (Bad file descriptor) [pid 915] close(20) = -1 EBADF (Bad file descriptor) [pid 915] close(21) = -1 EBADF (Bad file descriptor) [pid 915] close(22) = -1 EBADF (Bad file descriptor) [pid 915] close(23) = -1 EBADF (Bad file descriptor) [pid 915] close(24) = -1 EBADF (Bad file descriptor) [pid 915] close(25) = -1 EBADF (Bad file descriptor) [pid 915] close(26) = -1 EBADF (Bad file descriptor) [pid 915] close(27) = -1 EBADF (Bad file descriptor) [pid 915] close(28) = -1 EBADF (Bad file descriptor) [pid 915] close(29) = -1 EBADF (Bad file descriptor) [pid 915] exit_group(0) = ? [pid 919] <... futex resumed>) = ? [pid 919] +++ exited with 0 +++ [pid 938] <... futex resumed>) = ? [pid 938] +++ exited with 0 +++ [pid 915] +++ exited with 0 +++ [pid 928] <... ioctl resumed>) = 0 [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=4, si_stime=19} --- [pid 928] close(3 [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 928] <... close resumed>) = 0 [pid 928] close(4) = 0 [pid 928] mkdir("./file4", 0777) = 0 [ 48.365521][ T922] F2FS-fs (loop0): Found nat_bits in checkpoint [ 48.391460][ T924] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.391888][ T926] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 48.408322][ T928] loop3: detected capacity change from 0 to 40427 [pid 928] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] <... restart_syscall resumed>) = 0 [pid 293] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 48.422934][ T928] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 48.450346][ T928] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 48.450422][ T926] F2FS-fs (loop4): fault_injection options not supported [ 48.476254][ T928] F2FS-fs (loop3): fault_injection options not supported [ 48.494797][ T924] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 48.500090][ T926] F2FS-fs (loop4): fault_type options not supported [ 48.504820][ T924] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 48.514478][ T922] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 293] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 924] <... mount resumed>) = 0 [pid 924] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 924] chdir("./file4") = 0 [pid 924] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 922] <... mount resumed>) = 0 [pid 922] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 922] chdir("./file4") = 0 [pid 922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 922] ioctl(4, LOOP_CLR_FD) = 0 [pid 922] close(4) = 0 [pid 922] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 921] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 922] <... futex resumed>) = 1 [pid 922] fspick(AT_FDCWD, ".", 0) = 4 [pid 922] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 921] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 922] <... futex resumed>) = 1 [pid 922] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 924] ioctl(4, LOOP_CLR_FD) = 0 [pid 924] close(4) = 0 [pid 924] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 922] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 922] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 921] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 922] <... futex resumed>) = 1 [pid 922] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 922] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 924] <... futex resumed>) = 1 [pid 923] <... futex resumed>) = 0 [pid 921] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 924] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 923] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 924] <... futex resumed>) = 0 [pid 923] <... futex resumed>) = 1 [pid 921] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 924] fspick(AT_FDCWD, ".", 0) = 4 [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 924] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 923] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 924] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 923] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 924] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 923] <... futex resumed>) = 0 [ 48.516789][ T928] F2FS-fs (loop3): fault_type options not supported [ 48.524509][ T926] F2FS-fs (loop4): invalid crc value [ 48.536757][ T922] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 48.547664][ T928] F2FS-fs (loop3): invalid crc value [ 48.556184][ T922] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 922] <... futex resumed>) = 1 [pid 922] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 922] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 921] <... futex resumed>) = 0 [pid 921] close(3) = 0 [pid 921] close(4) = 0 [pid 921] close(5) = 0 [pid 921] close(6) = -1 EBADF (Bad file descriptor) [pid 921] close(7) = -1 EBADF (Bad file descriptor) [pid 921] close(8) = -1 EBADF (Bad file descriptor) [pid 921] close(9) = -1 EBADF (Bad file descriptor) [pid 921] close(10) = -1 EBADF (Bad file descriptor) [pid 921] close(11) = -1 EBADF (Bad file descriptor) [pid 921] close(12) = -1 EBADF (Bad file descriptor) [pid 921] close(13) = -1 EBADF (Bad file descriptor) [pid 921] close(14) = -1 EBADF (Bad file descriptor) [pid 921] close(15) = -1 EBADF (Bad file descriptor) [pid 921] close(16) = -1 EBADF (Bad file descriptor) [pid 921] close(17) = -1 EBADF (Bad file descriptor) [pid 921] close(18) = -1 EBADF (Bad file descriptor) [pid 921] close(19) = -1 EBADF (Bad file descriptor) [pid 921] close(20) = -1 EBADF (Bad file descriptor) [pid 921] close(21) = -1 EBADF (Bad file descriptor) [pid 921] close(22) = -1 EBADF (Bad file descriptor) [pid 921] close(23) = -1 EBADF (Bad file descriptor) [pid 921] close(24) = -1 EBADF (Bad file descriptor) [pid 921] close(25) = -1 EBADF (Bad file descriptor) [pid 921] close(26) = -1 EBADF (Bad file descriptor) [pid 921] close(27) = -1 EBADF (Bad file descriptor) [pid 921] close(28) = -1 EBADF (Bad file descriptor) [pid 921] close(29) = -1 EBADF (Bad file descriptor) [pid 921] exit_group(0) = ? [pid 922] <... futex resumed>) = ? [pid 922] +++ exited with 0 +++ [pid 921] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=43, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 924] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 924] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 923] <... futex resumed>) = 0 [pid 924] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 923] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 924] <... futex resumed>) = 0 [pid 923] <... futex resumed>) = 1 [pid 924] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 924] <... open resumed>) = 5 [pid 924] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 924] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 923] <... futex resumed>) = 0 [pid 923] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 924] <... futex resumed>) = 0 [pid 923] <... futex resumed>) = 1 [pid 923] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 924] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 924] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 924] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 923] <... futex resumed>) = 0 [pid 923] close(3) = 0 [pid 923] close(4) = 0 [pid 923] close(5) = 0 [pid 923] close(6) = -1 EBADF (Bad file descriptor) [pid 923] close(7) = -1 EBADF (Bad file descriptor) [pid 923] close(8) = -1 EBADF (Bad file descriptor) [pid 923] close(9) = -1 EBADF (Bad file descriptor) [pid 923] close(10) = -1 EBADF (Bad file descriptor) [pid 923] close(11) = -1 EBADF (Bad file descriptor) [pid 923] close(12) = -1 EBADF (Bad file descriptor) [pid 923] close(13) = -1 EBADF (Bad file descriptor) [pid 923] close(14) = -1 EBADF (Bad file descriptor) [pid 923] close(15) = -1 EBADF (Bad file descriptor) [pid 923] close(16) = -1 EBADF (Bad file descriptor) [pid 923] close(17) = -1 EBADF (Bad file descriptor) [pid 923] close(18) = -1 EBADF (Bad file descriptor) [pid 923] close(19) = -1 EBADF (Bad file descriptor) [pid 923] close(20) = -1 EBADF (Bad file descriptor) [pid 923] close(21) = -1 EBADF (Bad file descriptor) [pid 923] close(22 [pid 294] <... restart_syscall resumed>) = 0 [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 923] close(23) = -1 EBADF (Bad file descriptor) [pid 294] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 923] close(24 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 923] close(25 [pid 294] <... openat resumed>) = 3 [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] newfstatat(3, "", [pid 923] close(26 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] getdents64(3, [pid 923] close(27 [pid 294] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 48.571734][ T924] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 923] close(28) = -1 EBADF (Bad file descriptor) [pid 293] <... umount2 resumed>) = 0 [pid 923] close(29 [pid 293] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 923] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./20/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 923] exit_group(0 [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./20/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./20/file4") = 0 [pid 293] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./20/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./20") = 0 [pid 293] mkdir("./21", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 45 [pid 924] <... futex resumed>) = ? [pid 923] <... exit_group resumed>) = ? [pid 924] +++ exited with 0 +++ [pid 923] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program ./strace-static-x86_64: Process 948 attached [pid 948] set_robust_list(0x5555875796a0, 24) = 0 [pid 948] chdir("./21") = 0 [pid 948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 948] setpgid(0, 0) = 0 [pid 948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 948] write(3, "1000", 4) = 4 [pid 948] close(3) = 0 [pid 948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 948] write(1, "executing program\n", 18) = 18 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 948] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 948] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 948] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[46]}, 88) = 46 [pid 948] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 948] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 949 attached [pid 949] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 949] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 949] memfd_create("syzkaller", 0) = 3 [pid 949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 48.606770][ T928] F2FS-fs (loop3): Found nat_bits in checkpoint [ 48.615217][ T926] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 949] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... umount2 resumed>) = 0 [pid 926] <... mount resumed>) = 0 [pid 926] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 926] chdir("./file4") = 0 [pid 926] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 926] ioctl(4, LOOP_CLR_FD) = 0 [pid 926] close(4) = 0 [pid 926] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 925] <... futex resumed>) = 0 [pid 925] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 926] <... futex resumed>) = 1 [pid 926] fspick(AT_FDCWD, ".", 0) = 4 [pid 926] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 925] <... futex resumed>) = 0 [pid 925] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 926] <... futex resumed>) = 1 [ 48.754850][ T926] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 48.769845][ T928] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 48.777384][ T926] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 48.785955][ T928] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 926] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 928] <... mount resumed>) = 0 [pid 928] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 928] chdir("./file4") = 0 [pid 928] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 928] ioctl(4, LOOP_CLR_FD) = 0 [pid 928] close(4) = 0 [pid 928] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 927] <... futex resumed>) = 0 [pid 928] fspick(AT_FDCWD, ".", 0 [pid 927] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 928] <... fspick resumed>) = 4 [pid 927] <... futex resumed>) = 0 [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 928] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 927] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 928] <... futex resumed>) = 0 [pid 294] newfstatat(AT_FDCWD, "./20/file4", [pid 927] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 928] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 927] <... futex resumed>) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./20/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", [pid 926] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 926] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 925] <... futex resumed>) = 0 [pid 925] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 926] <... futex resumed>) = 1 [pid 926] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, [pid 926] <... open resumed>) = 5 [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, [pid 926] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 925] <... futex resumed>) = 0 [pid 925] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 925] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 926] <... futex resumed>) = 1 [pid 926] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 294] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 926] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 925] <... futex resumed>) = 0 [pid 925] close(3) = 0 [pid 925] close(4) = 0 [pid 925] close(5) = 0 [pid 925] close(6) = -1 EBADF (Bad file descriptor) [pid 925] close(7) = -1 EBADF (Bad file descriptor) [pid 925] close(8) = -1 EBADF (Bad file descriptor) [pid 925] close(9) = -1 EBADF (Bad file descriptor) [pid 925] close(10) = -1 EBADF (Bad file descriptor) [pid 925] close(11) = -1 EBADF (Bad file descriptor) [pid 925] close(12) = -1 EBADF (Bad file descriptor) [pid 925] close(13) = -1 EBADF (Bad file descriptor) [pid 925] close(14) = -1 EBADF (Bad file descriptor) [pid 925] close(15) = -1 EBADF (Bad file descriptor) [pid 925] close(16) = -1 EBADF (Bad file descriptor) [pid 925] close(17) = -1 EBADF (Bad file descriptor) [pid 925] close(18) = -1 EBADF (Bad file descriptor) [pid 925] close(19) = -1 EBADF (Bad file descriptor) [pid 925] close(20) = -1 EBADF (Bad file descriptor) [pid 925] close(21) = -1 EBADF (Bad file descriptor) [pid 925] close(22) = -1 EBADF (Bad file descriptor) [pid 925] close(23) = -1 EBADF (Bad file descriptor) [pid 925] close(24) = -1 EBADF (Bad file descriptor) [pid 925] close(25) = -1 EBADF (Bad file descriptor) [pid 925] close(26) = -1 EBADF (Bad file descriptor) [pid 925] close(27) = -1 EBADF (Bad file descriptor) [pid 925] close(28) = -1 EBADF (Bad file descriptor) [pid 925] close(29) = -1 EBADF (Bad file descriptor) [pid 925] exit_group(0) = ? [pid 926] <... futex resumed>) = ? [pid 294] close(4 [pid 926] +++ exited with 0 +++ [pid 925] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=42, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 928] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 294] <... close resumed>) = 0 [pid 294] rmdir("./20/file4" [pid 928] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 928] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 294] <... rmdir resumed>) = 0 [pid 927] <... futex resumed>) = 0 [pid 927] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 927] <... futex resumed>) = 1 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 928] <... futex resumed>) = 0 [pid 928] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./20/binderfs" [pid 928] <... open resumed>) = 5 [pid 294] <... unlink resumed>) = 0 [pid 928] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 928] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 927] <... futex resumed>) = 0 [pid 294] getdents64(3, [pid 927] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 927] <... futex resumed>) = 1 [pid 294] close(3 [pid 928] <... futex resumed>) = 0 [pid 928] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 927] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... close resumed>) = 0 [pid 928] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 928] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 928] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 927] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] rmdir("./20" [pid 927] close(3) = 0 [pid 294] <... rmdir resumed>) = 0 [pid 927] close(4) = 0 [pid 294] mkdir("./21", 0777 [pid 927] close(5) = 0 [pid 294] <... mkdir resumed>) = 0 [pid 927] close(6) = -1 EBADF (Bad file descriptor) [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 927] close(7 [pid 294] <... openat resumed>) = 3 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 294] ioctl(3, LOOP_CLR_FD [pid 927] close(8) = -1 EBADF (Bad file descriptor) [pid 294] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 927] close(9 [pid 294] close(3 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 927] close(10 [pid 297] <... umount2 resumed>) = 0 [pid 294] <... close resumed>) = 0 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 927] close(11) = -1 EBADF (Bad file descriptor) [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 45 [pid 927] close(12) = -1 EBADF (Bad file descriptor) [pid 927] close(13) = -1 EBADF (Bad file descriptor) [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 927] close(14 [pid 297] newfstatat(AT_FDCWD, "./21/file4", [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 927] close(15 [pid 297] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 927] close(16 [pid 297] openat(AT_FDCWD, "./21/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 927] close(17 [pid 297] <... openat resumed>) = 4 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] newfstatat(4, "", [pid 927] close(18) = -1 EBADF (Bad file descriptor) [pid 927] close(19) = -1 EBADF (Bad file descriptor) [pid 927] close(20) = -1 EBADF (Bad file descriptor) [pid 927] close(21) = -1 EBADF (Bad file descriptor) [pid 927] close(22./strace-static-x86_64: Process 952 attached ) = -1 EBADF (Bad file descriptor) [pid 927] close(23 [pid 952] set_robust_list(0x5555875796a0, 24 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 927] close(24) = -1 EBADF (Bad file descriptor) [pid 927] close(25) = -1 EBADF (Bad file descriptor) [pid 927] close(26 [pid 952] <... set_robust_list resumed>) = 0 [pid 927] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 927] close(27) = -1 EBADF (Bad file descriptor) [pid 927] close(28) = -1 EBADF (Bad file descriptor) [pid 927] close(29) = -1 EBADF (Bad file descriptor) [pid 927] exit_group(0 [pid 928] <... futex resumed>) = ? [pid 927] <... exit_group resumed>) = ? [pid 928] +++ exited with 0 +++ [pid 952] chdir("./21") = 0 [pid 927] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 952] setpgid(0, 0) = 0 [pid 952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 952] <... openat resumed>) = 3 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 952] write(3, "1000", 4) = 4 [pid 952] close(3) = 0 [pid 952] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 952] write(1, "executing program\n", 18) = 18 [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] getdents64(4, [pid 952] <... futex resumed>) = 0 [pid 952] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 952] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 952] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 48.806447][ T926] F2FS-fs (loop4): switch discard_unit option is not allowed [ 48.832794][ T928] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./21/file4" [pid 952] rt_sigprocmask(SIG_BLOCK, ~[], [pid 297] <... rmdir resumed>) = 0 [pid 297] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 952] <... rt_sigprocmask resumed>[], 8) = 0 [pid 952] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 952] <... clone3 resumed> => {parent_tid=[46]}, 88) = 46 [pid 952] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 952] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 297] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./21/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./21") = 0 [pid 297] mkdir("./22", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 46 ./strace-static-x86_64: Process 953 attached [pid 953] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 953] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 953] memfd_create("syzkaller", 0) = 3 [pid 953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 ./strace-static-x86_64: Process 954 attached [pid 954] set_robust_list(0x5555875796a0, 24) = 0 [pid 954] chdir("./22") = 0 [pid 954] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 954] setpgid(0, 0) = 0 [pid 954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 954] write(3, "1000", 4) = 4 [pid 954] close(3) = 0 [pid 954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 954] write(1, "executing program\n", 18executing program ) = 18 [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 954] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 954] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 954] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 954] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 954] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 954] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[47]}, 88) = 47 [pid 954] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 954] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 955 attached [pid 955] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 955] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 955] memfd_create("syzkaller", 0) = 3 [pid 955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 949] <... write resumed>) = 20699119 [pid 949] munmap(0x7fc71771c000, 138412032) = 0 [pid 949] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 949] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 949] close(3) = 0 [pid 949] close(4) = 0 [pid 949] mkdir("./file4", 0777) = 0 [ 48.947606][ T949] loop2: detected capacity change from 0 to 40427 [ 48.969341][ T949] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 48.980427][ T949] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 48.999438][ T949] F2FS-fs (loop2): fault_injection options not supported [ 49.019885][ T949] F2FS-fs (loop2): fault_type options not supported [ 49.027471][ T949] F2FS-fs (loop2): invalid crc value [ 49.058238][ T949] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 949] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./20/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./20/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./20/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./20/file4") = 0 [pid 299] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./20/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./20") = 0 [pid 299] mkdir("./21", 0777 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... mkdir resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./21/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 298] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./21/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 299] <... openat resumed>) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3 [pid 298] <... openat resumed>) = 4 [pid 299] <... close resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 44 ./strace-static-x86_64: Process 960 attached [pid 955] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./21/file4") = 0 [pid 298] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./21/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./21") = 0 [pid 298] mkdir("./22", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 960] set_robust_list(0x5555875796a0, 24) = 0 [pid 960] chdir("./21" [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 46 executing program [pid 960] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 961 attached [pid 961] set_robust_list(0x5555875796a0, 24) = 0 [pid 961] chdir("./22") = 0 [pid 961] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 961] setpgid(0, 0) = 0 [pid 961] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 961] write(3, "1000", 4) = 4 [pid 961] close(3) = 0 [pid 961] symlink("/dev/binderfs", "./binderfs") = 0 [pid 961] write(1, "executing program\n", 18) = 18 [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 961] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 961] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 961] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 961] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 961] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[47]}, 88) = 47 [pid 961] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 961] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 962 attached [pid 962] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 962] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 962] memfd_create("syzkaller", 0) = 3 [pid 962] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 960] setpgid(0, 0) = 0 [pid 960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 960] write(3, "1000", 4) = 4 [pid 960] close(3) = 0 [pid 960] symlink("/dev/binderfs", "./binderfs") = 0 [pid 960] write(1, "executing program\n", 18executing program ) = 18 [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 960] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 960] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 960] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 960] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 960] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[45]}, 88) = 45 [pid 960] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 960] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 963 attached [pid 949] <... mount resumed>) = 0 [pid 963] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 963] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 949] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 963] memfd_create("syzkaller", 0) = 3 [pid 963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 949] <... openat resumed>) = 3 [pid 949] chdir("./file4") = 0 [pid 949] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 949] ioctl(4, LOOP_CLR_FD) = 0 [pid 949] close(4) = 0 [pid 949] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 948] <... futex resumed>) = 0 [pid 948] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 949] fspick(AT_FDCWD, ".", 0) = 4 [pid 949] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 948] <... futex resumed>) = 0 [pid 948] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 49.150886][ T949] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 49.180053][ T949] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 949] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 953] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 949] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 949] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 948] <... futex resumed>) = 0 [pid 948] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 949] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 949] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 948] <... futex resumed>) = 0 [pid 948] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 948] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 949] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 949] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 948] <... futex resumed>) = 0 [pid 948] close(3) = 0 [pid 948] close(4) = 0 [pid 948] close(5) = 0 [pid 948] close(6) = -1 EBADF (Bad file descriptor) [pid 948] close(7) = -1 EBADF (Bad file descriptor) [pid 948] close(8) = -1 EBADF (Bad file descriptor) [pid 948] close(9) = -1 EBADF (Bad file descriptor) [pid 948] close(10) = -1 EBADF (Bad file descriptor) [pid 948] close(11) = -1 EBADF (Bad file descriptor) [pid 948] close(12) = -1 EBADF (Bad file descriptor) [pid 948] close(13) = -1 EBADF (Bad file descriptor) [pid 948] close(14) = -1 EBADF (Bad file descriptor) [pid 948] close(15) = -1 EBADF (Bad file descriptor) [pid 948] close(16) = -1 EBADF (Bad file descriptor) [pid 948] close(17) = -1 EBADF (Bad file descriptor) [pid 948] close(18) = -1 EBADF (Bad file descriptor) [pid 948] close(19) = -1 EBADF (Bad file descriptor) [pid 948] close(20) = -1 EBADF (Bad file descriptor) [pid 948] close(21) = -1 EBADF (Bad file descriptor) [pid 948] close(22) = -1 EBADF (Bad file descriptor) [pid 948] close(23) = -1 EBADF (Bad file descriptor) [pid 948] close(24) = -1 EBADF (Bad file descriptor) [pid 948] close(25) = -1 EBADF (Bad file descriptor) [pid 948] close(26) = -1 EBADF (Bad file descriptor) [pid 948] close(27) = -1 EBADF (Bad file descriptor) [pid 948] close(28) = -1 EBADF (Bad file descriptor) [pid 948] close(29) = -1 EBADF (Bad file descriptor) [pid 948] exit_group(0 [pid 949] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 948] <... exit_group resumed>) = ? [pid 949] <... futex resumed>) = ? [pid 949] +++ exited with 0 +++ [pid 948] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=45, si_uid=0, si_status=0, si_utime=5, si_stime=24} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 49.213229][ T949] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 953] <... write resumed>) = 20699119 [pid 953] munmap(0x7fc71771c000, 138412032) = 0 [pid 953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 953] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 953] close(3) = 0 [pid 953] close(4) = 0 [pid 953] mkdir("./file4", 0777) = 0 [pid 953] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 49.337655][ T953] loop0: detected capacity change from 0 to 40427 [ 49.353319][ T953] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 962] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 955] <... write resumed>) = 20699119 [pid 955] munmap(0x7fc71771c000, 138412032) = 0 [pid 955] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 955] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 955] close(3) = 0 [pid 955] close(4) = 0 [pid 955] mkdir("./file4", 0777) = 0 [ 49.380489][ T953] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 49.401893][ T955] loop1: detected capacity change from 0 to 40427 [ 49.410151][ T953] F2FS-fs (loop0): fault_injection options not supported [pid 955] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] <... umount2 resumed>) = 0 [ 49.427037][ T955] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 49.427522][ T953] F2FS-fs (loop0): fault_type options not supported [ 49.450408][ T955] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 49.469495][ T955] F2FS-fs (loop1): fault_injection options not supported [pid 293] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./21/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./21/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./21/file4") = 0 [pid 293] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./21/binderfs", [pid 963] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./21/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./21") = 0 [pid 293] mkdir("./22", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 47 ./strace-static-x86_64: Process 969 attached [pid 969] set_robust_list(0x5555875796a0, 24) = 0 [ 49.477455][ T953] F2FS-fs (loop0): invalid crc value [ 49.479694][ T955] F2FS-fs (loop1): fault_type options not supported [ 49.495677][ T955] F2FS-fs (loop1): invalid crc value [ 49.502616][ T953] F2FS-fs (loop0): Found nat_bits in checkpoint [pid 969] chdir("./22") = 0 [pid 969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 969] setpgid(0, 0) = 0 [pid 969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 969] write(3, "1000", 4) = 4 [pid 969] close(3) = 0 [pid 969] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 969] write(1, "executing program\n", 18) = 18 [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 969] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 969] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 969] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 969] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 969] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[48]}, 88) = 48 [pid 969] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 969] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 962] <... write resumed>) = 20699119 [pid 962] munmap(0x7fc71771c000, 138412032) = 0 [pid 962] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 971 attached [pid 971] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 971] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 971] memfd_create("syzkaller", 0) = 3 [pid 971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 962] <... openat resumed>) = 4 [pid 962] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 962] close(3) = 0 [pid 962] close(4) = 0 [pid 962] mkdir("./file4", 0777) = 0 [ 49.531126][ T955] F2FS-fs (loop1): Found nat_bits in checkpoint [ 49.551742][ T962] loop3: detected capacity change from 0 to 40427 [ 49.564935][ T962] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [pid 962] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 953] <... mount resumed>) = 0 [pid 953] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 953] chdir("./file4") = 0 [pid 953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 953] ioctl(4, LOOP_CLR_FD) = 0 [pid 953] close(4) = 0 [pid 953] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 952] <... futex resumed>) = 0 [pid 953] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 952] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 953] <... futex resumed>) = 0 [pid 952] <... futex resumed>) = 1 [pid 953] fspick(AT_FDCWD, ".", 0 [ 49.579158][ T962] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 49.588281][ T953] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 49.595793][ T953] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 49.603651][ T962] F2FS-fs (loop3): fault_injection options not supported [ 49.611155][ T962] F2FS-fs (loop3): fault_type options not supported [ 49.621307][ T962] F2FS-fs (loop3): invalid crc value [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 953] <... fspick resumed>) = 4 [pid 953] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 952] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 953] <... futex resumed>) = 0 [pid 953] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 952] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 953] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 952] <... futex resumed>) = 0 [pid 953] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 953] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 953] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 952] <... futex resumed>) = 0 [pid 952] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 953] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 953] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 952] <... futex resumed>) = 0 [pid 952] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 952] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 953] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 953] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 952] <... futex resumed>) = 0 [pid 952] close(3) = 0 [pid 952] close(4) = 0 [pid 952] close(5) = 0 [pid 952] close(6) = -1 EBADF (Bad file descriptor) [pid 952] close(7) = -1 EBADF (Bad file descriptor) [pid 952] close(8) = -1 EBADF (Bad file descriptor) [pid 952] close(9) = -1 EBADF (Bad file descriptor) [pid 952] close(10) = -1 EBADF (Bad file descriptor) [pid 952] close(11) = -1 EBADF (Bad file descriptor) [pid 952] close(12) = -1 EBADF (Bad file descriptor) [pid 952] close(13) = -1 EBADF (Bad file descriptor) [pid 952] close(14) = -1 EBADF (Bad file descriptor) [pid 952] close(15) = -1 EBADF (Bad file descriptor) [pid 952] close(16) = -1 EBADF (Bad file descriptor) [pid 952] close(17) = -1 EBADF (Bad file descriptor) [pid 952] close(18) = -1 EBADF (Bad file descriptor) [pid 952] close(19) = -1 EBADF (Bad file descriptor) [pid 952] close(20) = -1 EBADF (Bad file descriptor) [pid 952] close(21) = -1 EBADF (Bad file descriptor) [pid 952] close(22) = -1 EBADF (Bad file descriptor) [pid 952] close(23) = -1 EBADF (Bad file descriptor) [pid 952] close(24) = -1 EBADF (Bad file descriptor) [pid 952] close(25) = -1 EBADF (Bad file descriptor) [pid 952] close(26) = -1 EBADF (Bad file descriptor) [pid 952] close(27) = -1 EBADF (Bad file descriptor) [pid 952] close(28) = -1 EBADF (Bad file descriptor) [pid 952] close(29) = -1 EBADF (Bad file descriptor) [pid 952] exit_group(0) = ? [pid 953] +++ exited with 0 +++ [pid 952] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=45, si_uid=0, si_status=0, si_utime=7, si_stime=22} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 49.627581][ T953] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 294] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 963] <... write resumed>) = 20699119 [pid 963] munmap(0x7fc71771c000, 138412032) = 0 [pid 963] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 963] ioctl(4, LOOP_SET_FD, 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 955] <... mount resumed>) = 0 [pid 955] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 955] chdir("./file4") = 0 [pid 955] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 955] ioctl(4, LOOP_CLR_FD) = 0 [pid 955] close(4 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 955] <... close resumed>) = 0 [pid 955] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 955] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 963] <... ioctl resumed>) = 0 [pid 954] <... futex resumed>) = 0 [pid 963] close(3) = 0 [pid 954] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 963] close(4) = 0 [pid 963] mkdir("./file4", 0777) = 0 [pid 963] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 955] <... futex resumed>) = 0 [pid 954] <... futex resumed>) = 1 [pid 955] fspick(AT_FDCWD, ".", 0 [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 955] <... fspick resumed>) = 4 [pid 955] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 49.656477][ T955] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 49.664062][ T955] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 49.673517][ T962] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.676947][ T963] loop4: detected capacity change from 0 to 40427 [pid 955] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 954] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 954] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 955] <... futex resumed>) = 0 [pid 955] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 955] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 955] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 954] <... futex resumed>) = 0 [pid 954] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 955] <... futex resumed>) = 0 [pid 955] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 955] <... open resumed>) = 5 [pid 955] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 955] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 954] <... futex resumed>) = 0 [pid 954] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 955] <... futex resumed>) = 0 [pid 955] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 954] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 955] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 955] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 954] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 954] close(3) = 0 [pid 954] close(4) = 0 [pid 954] close(5) = 0 [pid 954] close(6) = -1 EBADF (Bad file descriptor) [pid 954] close(7) = -1 EBADF (Bad file descriptor) [pid 954] close(8) = -1 EBADF (Bad file descriptor) [pid 954] close(9) = -1 EBADF (Bad file descriptor) [pid 954] close(10) = -1 EBADF (Bad file descriptor) [pid 954] close(11) = -1 EBADF (Bad file descriptor) [pid 954] close(12) = -1 EBADF (Bad file descriptor) [pid 954] close(13) = -1 EBADF (Bad file descriptor) [pid 954] close(14) = -1 EBADF (Bad file descriptor) [pid 954] close(15) = -1 EBADF (Bad file descriptor) [pid 954] close(16) = -1 EBADF (Bad file descriptor) [pid 954] close(17) = -1 EBADF (Bad file descriptor) [pid 954] close(18) = -1 EBADF (Bad file descriptor) [pid 954] close(19) = -1 EBADF (Bad file descriptor) [pid 954] close(20) = -1 EBADF (Bad file descriptor) [pid 954] close(21) = -1 EBADF (Bad file descriptor) [pid 954] close(22) = -1 EBADF (Bad file descriptor) [pid 954] close(23) = -1 EBADF (Bad file descriptor) [pid 954] close(24) = -1 EBADF (Bad file descriptor) [pid 954] close(25) = -1 EBADF (Bad file descriptor) [pid 954] close(26) = -1 EBADF (Bad file descriptor) [pid 954] close(27) = -1 EBADF (Bad file descriptor) [pid 954] close(28) = -1 EBADF (Bad file descriptor) [pid 954] close(29) = -1 EBADF (Bad file descriptor) [pid 954] exit_group(0 [pid 955] <... futex resumed>) = ? [pid 954] <... exit_group resumed>) = ? [pid 955] +++ exited with 0 +++ [pid 954] +++ exited with 0 +++ [ 49.706005][ T963] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 49.715666][ T955] F2FS-fs (loop1): switch discard_unit option is not allowed [ 49.741347][ T963] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=5, si_stime=22} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 49.758024][ T963] F2FS-fs (loop4): fault_injection options not supported [ 49.766200][ T963] F2FS-fs (loop4): fault_type options not supported [ 49.775887][ T963] F2FS-fs (loop4): invalid crc value [ 49.804785][ T963] F2FS-fs (loop4): Found nat_bits in checkpoint [ 49.830739][ T962] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [pid 971] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 962] <... mount resumed>) = 0 [pid 962] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 962] chdir("./file4") = 0 [pid 962] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 962] ioctl(4, LOOP_CLR_FD) = 0 [pid 962] close(4) = 0 [pid 962] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 962] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] <... futex resumed>) = 0 [pid 962] fspick(AT_FDCWD, ".", 0) = 4 [pid 962] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 963] <... mount resumed>) = 0 [pid 963] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 963] chdir("./file4") = 0 [pid 963] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 963] ioctl(4, LOOP_CLR_FD) = 0 [pid 963] close(4) = 0 [pid 963] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 960] <... futex resumed>) = 0 [pid 963] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 960] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 963] <... futex resumed>) = 0 [pid 960] <... futex resumed>) = 1 [pid 963] fspick(AT_FDCWD, ".", 0 [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 963] <... fspick resumed>) = 4 [pid 963] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 960] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 963] <... futex resumed>) = 0 [pid 963] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 960] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 963] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 963] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 960] <... futex resumed>) = 0 [ 49.858936][ T962] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 49.874613][ T963] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 49.882092][ T963] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 49.901021][ T962] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 962] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 961] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 963] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 962] <... open resumed>) = 5 [pid 962] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 961] <... futex resumed>) = 0 [pid 963] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 961] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 963] <... futex resumed>) = 1 [pid 961] <... futex resumed>) = 0 [pid 960] <... futex resumed>) = 0 [pid 963] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 961] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 960] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 963] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 960] <... futex resumed>) = 0 [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 962] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 962] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 963] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 961] <... futex resumed>) = 0 [pid 961] close(3) = 0 [pid 963] <... open resumed>) = 5 [pid 961] close(4 [pid 963] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 961] <... close resumed>) = 0 [pid 963] <... futex resumed>) = 1 [pid 961] close(5 [pid 960] <... futex resumed>) = 0 [pid 963] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 961] <... close resumed>) = 0 [pid 961] close(6 [pid 960] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 963] <... futex resumed>) = 0 [pid 961] close(7 [pid 960] <... futex resumed>) = 1 [pid 963] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 963] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 961] close(8 [pid 960] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 963] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 963] <... futex resumed>) = 0 [pid 961] close(9 [pid 963] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(10 [pid 960] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(11 [pid 960] close(3 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = 0 [pid 961] close(12 [pid 960] close(4 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = 0 [pid 961] close(13 [pid 960] close(5 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = 0 [pid 971] <... write resumed>) = 20699119 [pid 961] close(14 [pid 960] close(6 [pid 971] munmap(0x7fc71771c000, 138412032 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(15 [pid 960] close(7 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(16 [pid 960] close(8 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(17 [pid 960] close(9 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(18 [pid 960] close(10 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(19 [pid 960] close(11 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 971] <... munmap resumed>) = 0 [pid 961] close(20 [pid 960] close(12 [pid 971] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 971] <... openat resumed>) = 4 [pid 961] close(21 [pid 960] close(13 [pid 971] ioctl(4, LOOP_SET_FD, 3 [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 960] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(22 [pid 960] close(14) = -1 EBADF (Bad file descriptor) [pid 960] close(15) = -1 EBADF (Bad file descriptor) [pid 960] close(16) = -1 EBADF (Bad file descriptor) [pid 960] close(17) = -1 EBADF (Bad file descriptor) [pid 960] close(18) = -1 EBADF (Bad file descriptor) [pid 960] close(19) = -1 EBADF (Bad file descriptor) [pid 960] close(20) = -1 EBADF (Bad file descriptor) [pid 960] close(21) = -1 EBADF (Bad file descriptor) [pid 960] close(22) = -1 EBADF (Bad file descriptor) [pid 960] close(23) = -1 EBADF (Bad file descriptor) [pid 960] close(24) = -1 EBADF (Bad file descriptor) [pid 960] close(25) = -1 EBADF (Bad file descriptor) [pid 960] close(26) = -1 EBADF (Bad file descriptor) [pid 960] close(27) = -1 EBADF (Bad file descriptor) [pid 960] close(28) = -1 EBADF (Bad file descriptor) [pid 960] close(29) = -1 EBADF (Bad file descriptor) [pid 960] exit_group(0) = ? [pid 962] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 963] <... futex resumed>) = ? [pid 963] +++ exited with 0 +++ [pid 960] +++ exited with 0 +++ [pid 961] close(23) = -1 EBADF (Bad file descriptor) [pid 961] close(24) = -1 EBADF (Bad file descriptor) [pid 961] close(25) = -1 EBADF (Bad file descriptor) [pid 961] close(26 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=44, si_uid=0, si_status=0, si_utime=3, si_stime=17} --- [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(27 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 961] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 961] close(28) = -1 EBADF (Bad file descriptor) [pid 961] close(29) = -1 EBADF (Bad file descriptor) [pid 961] exit_group(0 [pid 962] <... futex resumed>) = ? [pid 961] <... exit_group resumed>) = ? [pid 962] +++ exited with 0 +++ [pid 961] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=6, si_stime=12} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 299] <... restart_syscall resumed>) = 0 [pid 299] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 971] <... ioctl resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 971] close(3 [pid 298] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 971] <... close resumed>) = 0 [pid 298] <... openat resumed>) = 3 [pid 971] close(4 [pid 298] newfstatat(3, "", [pid 971] <... close resumed>) = 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 971] mkdir("./file4", 0777 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 971] <... mkdir resumed>) = 0 [ 49.925348][ T963] F2FS-fs (loop4): switch discard_unit option is not allowed [ 49.949616][ T971] loop2: detected capacity change from 0 to 40427 [pid 971] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 294] <... umount2 resumed>) = 0 [ 49.980917][ T971] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 49.987998][ T971] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 294] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./21/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./21/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./21/file4") = 0 [pid 294] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./21/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./21") = 0 [pid 294] mkdir("./22", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 47 ./strace-static-x86_64: Process 982 attached [pid 297] <... umount2 resumed>) = 0 [pid 982] set_robust_list(0x5555875796a0, 24 [pid 297] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 982] <... set_robust_list resumed>) = 0 [pid 982] chdir("./22" [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 982] <... chdir resumed>) = 0 [pid 982] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 297] newfstatat(AT_FDCWD, "./22/file4", [pid 982] <... prctl resumed>) = 0 [pid 982] setpgid(0, 0 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 982] <... setpgid resumed>) = 0 [pid 982] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 982] <... openat resumed>) = 3 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 982] write(3, "1000", 4 [pid 297] openat(AT_FDCWD, "./22/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 982] <... write resumed>) = 4 [pid 982] close(3 [pid 297] <... openat resumed>) = 4 [pid 982] <... close resumed>) = 0 [pid 297] newfstatat(4, "", [pid 982] symlink("/dev/binderfs", "./binderfs" [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 982] <... symlink resumed>) = 0 [pid 297] getdents64(4, [pid 982] write(1, "executing program\n", 18 [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./22/file4") = 0 [pid 297] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 982] <... write resumed>) = 18 [pid 297] unlink("./22/binderfs" [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... unlink resumed>) = 0 [pid 982] <... futex resumed>) = 0 [pid 297] getdents64(3, [pid 982] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 982] <... rt_sigaction resumed>NULL, 8) = 0 [pid 297] close(3 [pid 982] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 297] <... close resumed>) = 0 [pid 982] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 297] rmdir("./22" [pid 982] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 297] <... rmdir resumed>) = 0 [pid 982] <... mmap resumed>) = 0x7fc71fb1c000 [pid 297] mkdir("./23", 0777 [pid 982] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 297] <... mkdir resumed>) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 982] <... mprotect resumed>) = 0 [pid 297] <... openat resumed>) = 3 [pid 297] ioctl(3, LOOP_CLR_FD [pid 982] rt_sigprocmask(SIG_BLOCK, ~[], [pid 297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 982] <... rt_sigprocmask resumed>[], 8) = 0 [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 48 [pid 982] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0}./strace-static-x86_64: Process 984 attached [pid 984] set_robust_list(0x5555875796a0, 24) = 0 [pid 984] chdir("./23") = 0 [pid 984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 984] setpgid(0, 0) = 0 [pid 984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 984] write(3, "1000", 4) = 4 [pid 984] close(3 [pid 982] <... clone3 resumed> => {parent_tid=[48]}, 88) = 48 [pid 982] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 982] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 984] <... close resumed>) = 0 [pid 984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 984] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 986 attached ) = 18 [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 984] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 984] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 984] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 986] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 984] <... mmap resumed>) = 0x7fc71fb1c000 [pid 984] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 984] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 984] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[49]}, 88) = 49 [pid 984] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 984] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 986] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 987 attached NULL, 8) = 0 [pid 987] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 987] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 987] memfd_create("syzkaller", 0) = 3 [pid 986] memfd_create("syzkaller", 0 [pid 987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 50.024267][ T971] F2FS-fs (loop2): fault_injection options not supported [ 50.031573][ T971] F2FS-fs (loop2): fault_type options not supported [ 50.053724][ T971] F2FS-fs (loop2): invalid crc value [pid 986] <... memfd_create resumed>) = 3 [pid 986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 50.099077][ T971] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./22/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./22/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./22/file4") = 0 [pid 298] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./22/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./22") = 0 [pid 298] mkdir("./23", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 48 ./strace-static-x86_64: Process 989 attached [pid 989] set_robust_list(0x5555875796a0, 24) = 0 [pid 989] chdir("./23") = 0 [pid 989] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 989] setpgid(0, 0) = 0 [pid 989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 989] write(3, "1000", 4) = 4 [pid 989] close(3) = 0 [pid 989] symlink("/dev/binderfs", "./binderfs") = 0 [pid 989] write(1, "executing program\n", 18executing program ) = 18 [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 989] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 989] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 989] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 989] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 989] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 989] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[49]}, 88) = 49 [pid 989] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 989] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 990 attached [pid 990] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 990] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 990] memfd_create("syzkaller", 0) = 3 [pid 990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 971] <... mount resumed>) = 0 [pid 299] newfstatat(AT_FDCWD, "./21/file4", [pid 971] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 971] <... openat resumed>) = 3 [pid 299] umount2("./21/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 971] chdir("./file4" [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 971] <... chdir resumed>) = 0 [pid 299] openat(AT_FDCWD, "./21/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 971] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 299] <... openat resumed>) = 4 [pid 299] newfstatat(4, "", [pid 971] <... openat resumed>) = 4 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 971] ioctl(4, LOOP_CLR_FD [pid 299] getdents64(4, [pid 971] <... ioctl resumed>) = 0 [pid 299] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 971] close(4 [pid 299] getdents64(4, [pid 971] <... close resumed>) = 0 [pid 299] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 971] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] close(4 [pid 971] <... futex resumed>) = 1 [pid 969] <... futex resumed>) = 0 [pid 971] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 969] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... close resumed>) = 0 [pid 971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 969] <... futex resumed>) = 0 [pid 299] rmdir("./21/file4" [pid 971] fspick(AT_FDCWD, ".", 0 [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] <... rmdir resumed>) = 0 [pid 971] <... fspick resumed>) = 4 [pid 299] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 971] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 971] <... futex resumed>) = 1 [pid 969] <... futex resumed>) = 0 [pid 299] newfstatat(AT_FDCWD, "./21/binderfs", [pid 971] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 969] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 969] <... futex resumed>) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 971] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] unlink("./21/binderfs" [pid 971] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 299] <... unlink resumed>) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./21") = 0 [pid 299] mkdir("./22", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 971] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 969] <... futex resumed>) = 0 [pid 969] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 971] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 969] <... futex resumed>) = 0 [pid 299] <... clone resumed>, child_tidptr=0x555587579690) = 46 [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 971] <... open resumed>) = 5 [pid 971] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 969] <... futex resumed>) = 0 [pid 971] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 969] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 971] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 969] <... futex resumed>) = 0 [pid 971] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 969] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 971] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 971] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 969] <... futex resumed>) = 0 [pid 969] close(3) = 0 [pid 969] close(4) = 0 [pid 969] close(5) = 0 [pid 969] close(6) = -1 EBADF (Bad file descriptor) [pid 969] close(7) = -1 EBADF (Bad file descriptor) [pid 969] close(8) = -1 EBADF (Bad file descriptor) [pid 969] close(9) = -1 EBADF (Bad file descriptor) [pid 969] close(10) = -1 EBADF (Bad file descriptor) [pid 969] close(11) = -1 EBADF (Bad file descriptor) [pid 969] close(12) = -1 EBADF (Bad file descriptor) [pid 969] close(13) = -1 EBADF (Bad file descriptor) [pid 969] close(14) = -1 EBADF (Bad file descriptor) [pid 969] close(15) = -1 EBADF (Bad file descriptor) [pid 969] close(16) = -1 EBADF (Bad file descriptor) [pid 969] close(17) = -1 EBADF (Bad file descriptor) [pid 969] close(18) = -1 EBADF (Bad file descriptor) [pid 969] close(19) = -1 EBADF (Bad file descriptor) [pid 969] close(20) = -1 EBADF (Bad file descriptor) [pid 969] close(21) = -1 EBADF (Bad file descriptor) [pid 969] close(22) = -1 EBADF (Bad file descriptor) [pid 969] close(23) = -1 EBADF (Bad file descriptor) [pid 969] close(24) = -1 EBADF (Bad file descriptor) [pid 969] close(25) = -1 EBADF (Bad file descriptor) [pid 969] close(26) = -1 EBADF (Bad file descriptor) [pid 969] close(27) = -1 EBADF (Bad file descriptor) [pid 969] close(28) = -1 EBADF (Bad file descriptor) [pid 969] close(29) = -1 EBADF (Bad file descriptor) [pid 969] exit_group(0) = ? [pid 971] +++ exited with 0 +++ [pid 969] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=8, si_stime=20} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 992 attached [pid 992] set_robust_list(0x5555875796a0, 24) = 0 [pid 992] chdir("./22") = 0 [pid 992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 992] setpgid(0, 0) = 0 [pid 992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 992] write(3, "1000", 4) = 4 [ 50.215543][ T971] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 50.222726][ T971] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 50.251824][ T971] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 992] close(3) = 0 [pid 992] symlink("/dev/binderfs", "./binderfs") = 0 [pid 992] write(1, "executing program\n", 18executing program ) = 18 [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 992] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 992] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 992] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 992] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 992] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 992] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[47]}, 88) = 47 [pid 992] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 992] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 986] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119./strace-static-x86_64: Process 993 attached [pid 993] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 993] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 993] memfd_create("syzkaller", 0) = 3 [pid 993] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 987] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 990] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 986] <... write resumed>) = 20699119 [pid 986] munmap(0x7fc71771c000, 138412032) = 0 [pid 986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 986] ioctl(4, LOOP_SET_FD, 3 [pid 993] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./22/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./22/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./22/file4") = 0 [pid 293] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./22/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./22") = 0 [pid 293] mkdir("./23", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 49 ./strace-static-x86_64: Process 994 attached [pid 994] set_robust_list(0x5555875796a0, 24) = 0 [pid 994] chdir("./23") = 0 [pid 994] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 994] setpgid(0, 0) = 0 [pid 994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 994] write(3, "1000", 4) = 4 [pid 994] close(3) = 0 [pid 994] symlink("/dev/binderfs", "./binderfs") = 0 [pid 994] write(1, "executing program\n", 18executing program ) = 18 [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 994] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 994] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 994] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 994] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 994] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 994] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 987] <... write resumed>) = 20699119 [pid 994] <... clone3 resumed> => {parent_tid=[50]}, 88) = 50 [pid 994] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 994] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 987] munmap(0x7fc71771c000, 138412032) = 0 [pid 987] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 987] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 995 attached [pid 995] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 995] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 995] memfd_create("syzkaller", 0) = 3 [pid 995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 986] <... ioctl resumed>) = 0 [pid 986] close(3) = 0 [pid 986] close(4) = 0 [pid 986] mkdir("./file4", 0777) = 0 [ 50.522935][ T986] loop0: detected capacity change from 0 to 40427 [ 50.555919][ T987] loop1: detected capacity change from 0 to 40427 [pid 986] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 987] <... ioctl resumed>) = 0 [pid 987] close(3) = 0 [pid 987] close(4) = 0 [pid 987] mkdir("./file4", 0777) = 0 [ 50.570842][ T986] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 50.578314][ T987] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 50.598661][ T986] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 50.607495][ T987] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 987] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 990] <... write resumed>) = 20699119 [pid 990] munmap(0x7fc71771c000, 138412032) = 0 [pid 990] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 990] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 990] close(3) = 0 [pid 990] close(4) = 0 [pid 990] mkdir("./file4", 0777) = 0 [ 50.622821][ T987] F2FS-fs (loop1): fault_injection options not supported [ 50.626541][ T986] F2FS-fs (loop0): fault_injection options not supported [ 50.640386][ T987] F2FS-fs (loop1): fault_type options not supported [ 50.651072][ T986] F2FS-fs (loop0): fault_type options not supported [ 50.658295][ T987] F2FS-fs (loop1): invalid crc value [ 50.666049][ T990] loop3: detected capacity change from 0 to 40427 [pid 990] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 50.687102][ T990] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 50.694754][ T987] F2FS-fs (loop1): Found nat_bits in checkpoint [ 50.696829][ T986] F2FS-fs (loop0): invalid crc value [ 50.719693][ T990] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [pid 995] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 993] <... write resumed>) = 20699119 [pid 993] munmap(0x7fc71771c000, 138412032) = 0 [pid 993] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 50.737644][ T986] F2FS-fs (loop0): Found nat_bits in checkpoint [ 50.750410][ T990] F2FS-fs (loop3): fault_injection options not supported [ 50.764516][ T987] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 50.764582][ T990] F2FS-fs (loop3): fault_type options not supported [ 50.774624][ T987] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [pid 993] ioctl(4, LOOP_SET_FD, 3 [pid 987] <... mount resumed>) = 0 [pid 987] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 987] chdir("./file4") = 0 [pid 987] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 987] ioctl(4, LOOP_CLR_FD) = 0 [pid 987] close(4) = 0 [pid 987] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 987] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 984] <... futex resumed>) = 0 [pid 984] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = 0 [pid 984] <... futex resumed>) = 1 [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] fspick(AT_FDCWD, ".", 0) = 4 [pid 987] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 987] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 984] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 984] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 987] <... futex resumed>) = 0 [pid 984] <... futex resumed>) = 1 [pid 987] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 993] <... ioctl resumed>) = 0 [pid 993] close(3) = 0 [pid 993] close(4) = 0 [pid 993] mkdir("./file4", 0777) = 0 [pid 993] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 987] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 987] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 987] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 984] <... futex resumed>) = 0 [pid 984] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 987] <... futex resumed>) = 0 [pid 987] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 987] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 50.788813][ T993] loop4: detected capacity change from 0 to 40427 [ 50.810090][ T987] F2FS-fs (loop1): switch discard_unit option is not allowed [ 50.816049][ T990] F2FS-fs (loop3): invalid crc value [ 50.827193][ T993] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 987] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 984] <... futex resumed>) = 0 [pid 984] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 987] <... futex resumed>) = 0 [pid 987] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 987] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 987] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 984] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 984] close(3) = 0 [pid 984] close(4) = 0 [pid 984] close(5) = 0 [pid 984] close(6) = -1 EBADF (Bad file descriptor) [pid 984] close(7) = -1 EBADF (Bad file descriptor) [pid 984] close(8) = -1 EBADF (Bad file descriptor) [pid 984] close(9) = -1 EBADF (Bad file descriptor) [pid 995] <... write resumed>) = 20699119 [pid 984] close(10 [pid 995] munmap(0x7fc71771c000, 138412032 [pid 984] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 984] close(11) = -1 EBADF (Bad file descriptor) [pid 984] close(12) = -1 EBADF (Bad file descriptor) [pid 984] close(13) = -1 EBADF (Bad file descriptor) [pid 995] <... munmap resumed>) = 0 [pid 995] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 984] close(14 [pid 995] <... openat resumed>) = 4 [pid 995] ioctl(4, LOOP_SET_FD, 3 [pid 984] <... close resumed>) = -1 EBADF (Bad file descriptor) [ 50.835689][ T993] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 50.836369][ T986] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 50.853992][ T990] F2FS-fs (loop3): Found nat_bits in checkpoint [ 50.854042][ T993] F2FS-fs (loop4): fault_injection options not supported [ 50.873610][ T995] loop2: detected capacity change from 0 to 40427 [ 50.879351][ T986] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [pid 984] close(15) = -1 EBADF (Bad file descriptor) [pid 984] close(16) = -1 EBADF (Bad file descriptor) [pid 995] <... ioctl resumed>) = 0 [pid 995] close(3 [pid 986] <... mount resumed>) = 0 [pid 984] close(17) = -1 EBADF (Bad file descriptor) [pid 984] close(18) = -1 EBADF (Bad file descriptor) [pid 986] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 984] close(19) = -1 EBADF (Bad file descriptor) [pid 984] close(20) = -1 EBADF (Bad file descriptor) [pid 984] close(21) = -1 EBADF (Bad file descriptor) [pid 984] close(22) = -1 EBADF (Bad file descriptor) [pid 984] close(23) = -1 EBADF (Bad file descriptor) [pid 984] close(24) = -1 EBADF (Bad file descriptor) [pid 984] close(25) = -1 EBADF (Bad file descriptor) [pid 984] close(26) = -1 EBADF (Bad file descriptor) [pid 984] close(27) = -1 EBADF (Bad file descriptor) [pid 984] close(28) = -1 EBADF (Bad file descriptor) [pid 984] close(29) = -1 EBADF (Bad file descriptor) [pid 984] exit_group(0 [pid 987] <... futex resumed>) = ? [pid 984] <... exit_group resumed>) = ? [pid 987] +++ exited with 0 +++ [pid 995] <... close resumed>) = 0 [pid 995] close(4) = 0 [pid 995] mkdir("./file4", 0777) = 0 [pid 984] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=10, si_stime=19} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 995] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 986] <... openat resumed>) = 3 [pid 986] chdir("./file4") = 0 [pid 986] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 986] ioctl(4, LOOP_CLR_FD) = 0 [pid 986] close(4) = 0 [pid 986] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 982] <... futex resumed>) = 0 [pid 982] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 986] fspick(AT_FDCWD, ".", 0) = 4 [pid 986] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 982] <... futex resumed>) = 0 [pid 982] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 50.880568][ T993] F2FS-fs (loop4): fault_type options not supported [ 50.908535][ T995] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 50.927055][ T993] F2FS-fs (loop4): invalid crc value [pid 986] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 986] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 982] <... futex resumed>) = 0 [pid 982] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 986] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 986] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 982] <... futex resumed>) = 0 [pid 982] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 982] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 986] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 986] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 982] <... futex resumed>) = 0 [pid 982] close(3) = 0 [pid 982] close(4) = 0 [pid 982] close(5) = 0 [pid 982] close(6) = -1 EBADF (Bad file descriptor) [pid 982] close(7) = -1 EBADF (Bad file descriptor) [pid 982] close(8) = -1 EBADF (Bad file descriptor) [pid 982] close(9) = -1 EBADF (Bad file descriptor) [pid 982] close(10) = -1 EBADF (Bad file descriptor) [pid 982] close(11) = -1 EBADF (Bad file descriptor) [pid 982] close(12) = -1 EBADF (Bad file descriptor) [pid 982] close(13) = -1 EBADF (Bad file descriptor) [pid 982] close(14) = -1 EBADF (Bad file descriptor) [pid 982] close(15) = -1 EBADF (Bad file descriptor) [pid 982] close(16) = -1 EBADF (Bad file descriptor) [pid 982] close(17) = -1 EBADF (Bad file descriptor) [pid 982] close(18) = -1 EBADF (Bad file descriptor) [pid 982] close(19) = -1 EBADF (Bad file descriptor) [pid 982] close(20) = -1 EBADF (Bad file descriptor) [pid 982] close(21) = -1 EBADF (Bad file descriptor) [pid 982] close(22) = -1 EBADF (Bad file descriptor) [pid 982] close(23) = -1 EBADF (Bad file descriptor) [pid 982] close(24) = -1 EBADF (Bad file descriptor) [pid 982] close(25) = -1 EBADF (Bad file descriptor) [pid 982] close(26) = -1 EBADF (Bad file descriptor) [pid 982] close(27) = -1 EBADF (Bad file descriptor) [pid 982] close(28) = -1 EBADF (Bad file descriptor) [pid 982] close(29) = -1 EBADF (Bad file descriptor) [pid 982] exit_group(0) = ? [pid 986] +++ exited with 0 +++ [pid 982] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=47, si_uid=0, si_status=0, si_utime=6, si_stime=17} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 990] <... mount resumed>) = 0 [pid 294] <... restart_syscall resumed>) = 0 [pid 990] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 294] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 50.933390][ T986] F2FS-fs (loop0): switch discard_unit option is not allowed [ 50.950256][ T990] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 50.971579][ T990] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 50.973036][ T995] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [pid 294] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 990] <... openat resumed>) = 3 [pid 990] chdir("./file4") = 0 [pid 990] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 990] ioctl(4, LOOP_CLR_FD) = 0 [pid 990] close(4) = 0 [pid 990] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 989] <... futex resumed>) = 0 [pid 990] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 989] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 990] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 990] fspick(AT_FDCWD, ".", 0 [pid 989] <... futex resumed>) = 0 [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 990] <... fspick resumed>) = 4 [pid 990] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 989] <... futex resumed>) = 0 [pid 989] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [ 50.990709][ T995] F2FS-fs (loop2): fault_injection options not supported [ 50.995042][ T993] F2FS-fs (loop4): Found nat_bits in checkpoint [ 50.998013][ T294] bio_check_eod: 12 callbacks suppressed [ 50.998025][ T294] syz-executor248: attempt to access beyond end of device [ 50.998025][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 51.025258][ T995] F2FS-fs (loop2): fault_type options not supported [pid 990] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 989] <... futex resumed>) = 0 [pid 990] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 990] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 989] <... futex resumed>) = 0 [pid 990] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 989] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 990] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 989] <... futex resumed>) = 0 [pid 990] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 990] <... open resumed>) = 5 [pid 990] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 989] <... futex resumed>) = 0 [pid 989] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 990] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 989] <... futex resumed>) = 0 [pid 989] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 990] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 993] <... mount resumed>) = 0 [pid 989] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 990] <... futex resumed>) = 0 [pid 993] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 989] close(3 [pid 990] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 989] <... close resumed>) = 0 [pid 989] close(4) = 0 [pid 989] close(5) = 0 [pid 993] <... openat resumed>) = 3 [pid 989] close(6) = -1 EBADF (Bad file descriptor) [pid 989] close(7) = -1 EBADF (Bad file descriptor) [pid 989] close(8) = -1 EBADF (Bad file descriptor) [pid 989] close(9) = -1 EBADF (Bad file descriptor) [pid 989] close(10) = -1 EBADF (Bad file descriptor) [pid 989] close(11) = -1 EBADF (Bad file descriptor) [pid 989] close(12) = -1 EBADF (Bad file descriptor) [pid 989] close(13) = -1 EBADF (Bad file descriptor) [pid 989] close(14) = -1 EBADF (Bad file descriptor) [pid 989] close(15) = -1 EBADF (Bad file descriptor) [pid 989] close(16) = -1 EBADF (Bad file descriptor) [pid 989] close(17) = -1 EBADF (Bad file descriptor) [pid 989] close(18) = -1 EBADF (Bad file descriptor) [pid 989] close(19) = -1 EBADF (Bad file descriptor) [pid 989] close(20) = -1 EBADF (Bad file descriptor) [pid 989] close(21) = -1 EBADF (Bad file descriptor) [pid 989] close(22) = -1 EBADF (Bad file descriptor) [pid 989] close(23) = -1 EBADF (Bad file descriptor) [pid 989] close(24) = -1 EBADF (Bad file descriptor) [pid 989] close(25) = -1 EBADF (Bad file descriptor) [pid 989] close(26) = -1 EBADF (Bad file descriptor) [pid 989] close(27) = -1 EBADF (Bad file descriptor) [pid 989] close(28) = -1 EBADF (Bad file descriptor) [pid 989] close(29) = -1 EBADF (Bad file descriptor) [pid 989] exit_group(0) = ? [pid 990] <... futex resumed>) = ? [pid 993] chdir("./file4" [pid 990] +++ exited with 0 +++ [pid 989] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=5, si_stime=16} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 993] <... chdir resumed>) = 0 [pid 993] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 993] ioctl(4, LOOP_CLR_FD) = 0 [pid 993] close(4) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 993] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 992] <... futex resumed>) = 0 [pid 993] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 992] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 993] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 992] <... futex resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 993] fspick(AT_FDCWD, ".", 0 [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 993] <... fspick resumed>) = 4 [pid 298] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 993] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 992] <... futex resumed>) = 0 [pid 993] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 992] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 298] newfstatat(3, "", [pid 992] <... futex resumed>) = 0 [pid 993] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 993] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 51.052412][ T990] F2FS-fs (loop3): switch discard_unit option is not allowed [ 51.064890][ T993] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 51.072489][ T993] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 51.072579][ T995] F2FS-fs (loop2): invalid crc value [pid 298] getdents64(3, [pid 993] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 298] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] <... umount2 resumed>) = 0 [pid 298] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 993] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 993] <... futex resumed>) = 1 [pid 992] <... futex resumed>) = 0 [pid 992] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 993] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 993] <... open resumed>) = 5 [pid 297] newfstatat(AT_FDCWD, "./23/file4", [pid 993] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 993] <... futex resumed>) = 1 [pid 992] <... futex resumed>) = 0 [pid 297] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 993] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 992] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 992] <... futex resumed>) = 0 [pid 993] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 992] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 993] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 992] <... futex resumed>) = 0 [pid 993] <... futex resumed>) = 1 [pid 992] close(3 [pid 297] openat(AT_FDCWD, "./23/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 993] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 992] <... close resumed>) = 0 [pid 992] close(4) = 0 [pid 992] close(5) = 0 [pid 992] close(6) = -1 EBADF (Bad file descriptor) [pid 297] <... openat resumed>) = 4 [pid 992] close(7) = -1 EBADF (Bad file descriptor) [pid 297] newfstatat(4, "", [pid 992] close(8) = -1 EBADF (Bad file descriptor) [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 992] close(9 [pid 297] getdents64(4, [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(10 [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(11 [pid 297] getdents64(4, [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(12 [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(13 [pid 297] close(4 [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(14) = -1 EBADF (Bad file descriptor) [pid 297] <... close resumed>) = 0 [pid 992] close(15 [pid 297] rmdir("./23/file4" [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(16) = -1 EBADF (Bad file descriptor) [pid 297] <... rmdir resumed>) = 0 [pid 992] close(17 [pid 297] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(18) = -1 EBADF (Bad file descriptor) [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 992] close(19 [pid 297] newfstatat(AT_FDCWD, "./23/binderfs", [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 992] close(20) = -1 EBADF (Bad file descriptor) [pid 297] unlink("./23/binderfs" [pid 992] close(21) = -1 EBADF (Bad file descriptor) [pid 297] <... unlink resumed>) = 0 [pid 992] close(22) = -1 EBADF (Bad file descriptor) [pid 297] getdents64(3, [pid 992] close(23) = -1 EBADF (Bad file descriptor) [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 992] close(24) = -1 EBADF (Bad file descriptor) [pid 297] close(3 [pid 992] close(25 [pid 297] <... close resumed>) = 0 [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] close(26 [pid 297] rmdir("./23" [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... rmdir resumed>) = 0 [pid 992] close(27) = -1 EBADF (Bad file descriptor) [pid 297] mkdir("./24", 0777 [pid 992] close(28) = -1 EBADF (Bad file descriptor) [pid 992] close(29 [pid 297] <... mkdir resumed>) = 0 [pid 992] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 992] exit_group(0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 993] <... futex resumed>) = ? [pid 992] <... exit_group resumed>) = ? [pid 993] +++ exited with 0 +++ [pid 992] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=46, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 297] <... openat resumed>) = 3 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3 [pid 299] <... restart_syscall resumed>) = 0 [pid 297] <... close resumed>) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 50 [pid 299] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 51.113650][ T993] F2FS-fs (loop4): switch discard_unit option is not allowed [ 51.115015][ T995] F2FS-fs (loop2): Found nat_bits in checkpoint [ 51.128866][ T298] syz-executor248: attempt to access beyond end of device [ 51.128866][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 299] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 1015 attached [pid 1015] set_robust_list(0x5555875796a0, 24) = 0 [pid 1015] chdir("./24") = 0 [pid 1015] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1015] setpgid(0, 0) = 0 [pid 1015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1015] write(3, "1000", 4) = 4 [pid 1015] close(3) = 0 [pid 1015] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1015] write(1, "executing program\n", 18executing program ) = 18 [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1015] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1015] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1015] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1015] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1015] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1015] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[51]}, 88) = 51 [pid 1015] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1015] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1017 attached [pid 1017] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1017] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1017] memfd_create("syzkaller", 0) = 3 [pid 1017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 51.161971][ T299] syz-executor248: attempt to access beyond end of device [ 51.161971][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 51.191707][ T995] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [pid 995] <... mount resumed>) = 0 [pid 995] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 995] chdir("./file4") = 0 [pid 995] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 995] ioctl(4, LOOP_CLR_FD) = 0 [pid 995] close(4) = 0 [pid 995] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 994] <... futex resumed>) = 0 [pid 995] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 994] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 995] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 994] <... futex resumed>) = 0 [pid 995] fspick(AT_FDCWD, ".", 0 [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 995] <... fspick resumed>) = 4 [pid 995] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 994] <... futex resumed>) = 0 [pid 995] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 994] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 995] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 994] <... futex resumed>) = 0 [pid 995] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 51.211828][ T995] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 995] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 995] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 994] <... futex resumed>) = 0 [pid 994] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 995] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 994] <... futex resumed>) = 0 [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 995] <... open resumed>) = 5 [pid 995] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 994] <... futex resumed>) = 0 [pid 995] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 994] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 995] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 994] <... futex resumed>) = 0 [pid 995] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 994] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 995] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 995] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 994] <... futex resumed>) = 0 [pid 995] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 994] close(3) = 0 [pid 994] close(4) = 0 [pid 994] close(5) = 0 [pid 994] close(6) = -1 EBADF (Bad file descriptor) [pid 994] close(7) = -1 EBADF (Bad file descriptor) [pid 994] close(8) = -1 EBADF (Bad file descriptor) [pid 994] close(9) = -1 EBADF (Bad file descriptor) [pid 994] close(10) = -1 EBADF (Bad file descriptor) [pid 994] close(11) = -1 EBADF (Bad file descriptor) [pid 994] close(12) = -1 EBADF (Bad file descriptor) [pid 994] close(13) = -1 EBADF (Bad file descriptor) [pid 994] close(14) = -1 EBADF (Bad file descriptor) [pid 994] close(15) = -1 EBADF (Bad file descriptor) [pid 994] close(16) = -1 EBADF (Bad file descriptor) [pid 994] close(17) = -1 EBADF (Bad file descriptor) [pid 994] close(18) = -1 EBADF (Bad file descriptor) [pid 994] close(19) = -1 EBADF (Bad file descriptor) [pid 994] close(20) = -1 EBADF (Bad file descriptor) [pid 994] close(21) = -1 EBADF (Bad file descriptor) [pid 994] close(22) = -1 EBADF (Bad file descriptor) [pid 994] close(23) = -1 EBADF (Bad file descriptor) [pid 994] close(24) = -1 EBADF (Bad file descriptor) [pid 994] close(25) = -1 EBADF (Bad file descriptor) [pid 994] close(26) = -1 EBADF (Bad file descriptor) [pid 994] close(27) = -1 EBADF (Bad file descriptor) [pid 994] close(28) = -1 EBADF (Bad file descriptor) [pid 994] close(29) = -1 EBADF (Bad file descriptor) [pid 994] exit_group(0 [pid 995] <... futex resumed>) = ? [pid 994] <... exit_group resumed>) = ? [pid 995] +++ exited with 0 +++ [pid 994] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49, si_uid=0, si_status=0, si_utime=5, si_stime=14} --- [ 51.251572][ T995] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./22/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./22/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./22/file4") = 0 [pid 294] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./22/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./22") = 0 [pid 294] mkdir("./23", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 49 ./strace-static-x86_64: Process 1018 attached [pid 1018] set_robust_list(0x5555875796a0, 24) = 0 [pid 1018] chdir("./23") = 0 [pid 1018] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1018] setpgid(0, 0) = 0 [pid 1018] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1018] write(3, "1000", 4) = 4 [pid 1018] close(3) = 0 [pid 1018] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1018] write(1, "executing program\n", 18) = 18 [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1018] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1018] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1018] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1018] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1018] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1018] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[50]}, 88) = 50 [pid 1018] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1018] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1019 attached [pid 1019] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [ 51.308153][ T293] syz-executor248: attempt to access beyond end of device [ 51.308153][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 1019] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1019] memfd_create("syzkaller", 0) = 3 [pid 1019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./23/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./23/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./23/file4") = 0 [pid 298] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./23/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./23") = 0 [pid 298] mkdir("./24", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 50 ./strace-static-x86_64: Process 1020 attached [pid 1017] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1020] set_robust_list(0x5555875796a0, 24) = 0 [pid 1020] chdir("./24") = 0 [pid 1020] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1020] setpgid(0, 0) = 0 [pid 1020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1020] write(3, "1000", 4) = 4 [pid 1020] close(3) = 0 [pid 1020] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1020] write(1, "executing program\n", 18executing program ) = 18 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1020] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1020] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1020] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1020] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1020] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[51]}, 88) = 51 [pid 1020] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1020] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 299] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 1021 attached [pid 1021] set_robust_list(0x7fc71fb3c9a0, 24 [pid 299] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1021] <... set_robust_list resumed>) = 0 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1021] rt_sigprocmask(SIG_SETMASK, [], [pid 299] newfstatat(AT_FDCWD, "./22/file4", [pid 1021] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1021] memfd_create("syzkaller", 0 [pid 299] umount2("./22/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1021] <... memfd_create resumed>) = 3 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 299] openat(AT_FDCWD, "./22/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1021] <... mmap resumed>) = 0x7fc71771c000 [pid 299] <... openat resumed>) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./22/file4") = 0 [pid 299] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./22/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./22") = 0 [pid 299] mkdir("./23", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 48 ./strace-static-x86_64: Process 1022 attached [pid 1022] set_robust_list(0x5555875796a0, 24) = 0 [pid 1022] chdir("./23") = 0 [pid 1022] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1022] setpgid(0, 0) = 0 [pid 1022] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1022] write(3, "1000", 4) = 4 [pid 1022] close(3) = 0 [pid 1022] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1022] write(1, "executing program\n", 18executing program ) = 18 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1022] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1022] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1022] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1022] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1022] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1022] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[49]}, 88) = 49 [pid 1022] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1022] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1023 attached [pid 1023] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1023] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1023] memfd_create("syzkaller", 0) = 3 [pid 1023] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./23/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./23/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./23/file4") = 0 [pid 293] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./23/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./23") = 0 [pid 293] mkdir("./24", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 51 ./strace-static-x86_64: Process 1024 attached [pid 1024] set_robust_list(0x5555875796a0, 24) = 0 [pid 1024] chdir("./24") = 0 [pid 1024] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1024] setpgid(0, 0) = 0 [pid 1024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1024] write(3, "1000", 4) = 4 [pid 1024] close(3) = 0 [pid 1024] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1024] write(1, "executing program\n", 18) = 18 [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1024] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1024] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1024] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1024] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1024] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1024] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[52]}, 88) = 52 [pid 1024] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1024] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1025 attached [pid 1025] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1025] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1025] memfd_create("syzkaller", 0) = 3 [pid 1025] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1017] <... write resumed>) = 20699119 [pid 1017] munmap(0x7fc71771c000, 138412032) = 0 [pid 1017] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1017] ioctl(4, LOOP_SET_FD, 3 [pid 1019] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1017] <... ioctl resumed>) = 0 [pid 1017] close(3) = 0 [pid 1017] close(4) = 0 [pid 1017] mkdir("./file4", 0777) = 0 [ 51.630831][ T1017] loop1: detected capacity change from 0 to 40427 [ 51.652233][ T1017] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 51.670832][ T1017] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 1017] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1023] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 51.679138][ T1017] F2FS-fs (loop1): fault_injection options not supported [ 51.700808][ T1017] F2FS-fs (loop1): fault_type options not supported [ 51.726384][ T1017] F2FS-fs (loop1): invalid crc value [pid 1021] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1025] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1019] <... write resumed>) = 20699119 [pid 1019] munmap(0x7fc71771c000, 138412032) = 0 [pid 1019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 51.769871][ T1017] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 1019] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1019] close(3) = 0 [pid 1019] close(4) = 0 [pid 1019] mkdir("./file4", 0777) = 0 [pid 1019] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1023] <... write resumed>) = 20699119 [pid 1023] munmap(0x7fc71771c000, 138412032) = 0 [pid 1023] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 51.830997][ T1019] loop0: detected capacity change from 0 to 40427 [ 51.849951][ T1019] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 51.869677][ T1019] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 1023] ioctl(4, LOOP_SET_FD, 3 [pid 1021] <... write resumed>) = 20699119 [pid 1021] munmap(0x7fc71771c000, 138412032) = 0 [pid 1021] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1021] ioctl(4, LOOP_SET_FD, 3 [pid 1023] <... ioctl resumed>) = 0 [pid 1023] close(3) = 0 [pid 1023] close(4) = 0 [pid 1023] mkdir("./file4", 0777) = 0 [pid 1023] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1021] <... ioctl resumed>) = 0 [pid 1021] close(3) = 0 [pid 1021] close(4) = 0 [ 51.870779][ T1023] loop4: detected capacity change from 0 to 40427 [ 51.884369][ T1019] F2FS-fs (loop0): fault_injection options not supported [ 51.884394][ T1019] F2FS-fs (loop0): fault_type options not supported [ 51.900917][ T1021] loop3: detected capacity change from 0 to 40427 [ 51.903393][ T1023] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 51.907475][ T1019] F2FS-fs (loop0): invalid crc value [ 51.915158][ T1023] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 1021] mkdir("./file4", 0777) = 0 [pid 1021] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1017] <... mount resumed>) = 0 [ 51.930608][ T1017] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 51.937685][ T1017] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 51.945793][ T1021] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 51.960407][ T1021] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 51.962814][ T1023] F2FS-fs (loop4): fault_injection options not supported [pid 1017] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1017] chdir("./file4") = 0 [pid 1025] <... write resumed>) = 20699119 [pid 1025] munmap(0x7fc71771c000, 138412032 [pid 1017] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1025] <... munmap resumed>) = 0 [pid 1017] <... openat resumed>) = 4 [pid 1025] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 1017] ioctl(4, LOOP_CLR_FD [pid 1025] <... openat resumed>) = 4 [pid 1017] <... ioctl resumed>) = 0 [pid 1025] ioctl(4, LOOP_SET_FD, 3 [pid 1017] close(4) = 0 [pid 1025] <... ioctl resumed>) = 0 [pid 1017] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1025] close(3) = 0 [pid 1017] <... futex resumed>) = 1 [pid 1015] <... futex resumed>) = 0 [pid 1025] close(4 [pid 1017] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1025] <... close resumed>) = 0 [pid 1015] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1025] mkdir("./file4", 0777) = 0 [pid 1017] <... futex resumed>) = 0 [pid 1015] <... futex resumed>) = 1 [pid 1025] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1017] fspick(AT_FDCWD, ".", 0) = 4 [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1017] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1015] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 51.976163][ T1021] F2FS-fs (loop3): fault_injection options not supported [ 51.984485][ T1021] F2FS-fs (loop3): fault_type options not supported [ 51.988686][ T1023] F2FS-fs (loop4): fault_type options not supported [ 51.993293][ T1019] F2FS-fs (loop0): Found nat_bits in checkpoint [ 52.001315][ T1023] F2FS-fs (loop4): invalid crc value [ 52.010055][ T1025] loop2: detected capacity change from 0 to 40427 [ 52.016622][ T1021] F2FS-fs (loop3): invalid crc value [ 52.024123][ T1025] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 1017] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [pid 1017] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1015] <... futex resumed>) = 0 [pid 1015] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1017] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1017] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1015] <... futex resumed>) = 0 [pid 1017] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1015] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1017] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 52.032465][ T1017] F2FS-fs (loop1): switch discard_unit option is not allowed [ 52.048055][ T1025] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 52.049574][ T1023] F2FS-fs (loop4): Found nat_bits in checkpoint [ 52.058372][ T1025] F2FS-fs (loop2): fault_injection options not supported [ 52.069684][ T1025] F2FS-fs (loop2): fault_type options not supported [pid 1015] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1017] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1017] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1015] <... futex resumed>) = 0 [pid 1017] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1015] close(3) = 0 [pid 1015] close(4) = 0 [pid 1015] close(5) = 0 [pid 1015] close(6) = -1 EBADF (Bad file descriptor) [pid 1015] close(7) = -1 EBADF (Bad file descriptor) [pid 1015] close(8) = -1 EBADF (Bad file descriptor) [pid 1015] close(9) = -1 EBADF (Bad file descriptor) [pid 1015] close(10) = -1 EBADF (Bad file descriptor) [pid 1015] close(11) = -1 EBADF (Bad file descriptor) [pid 1015] close(12) = -1 EBADF (Bad file descriptor) [pid 1015] close(13) = -1 EBADF (Bad file descriptor) [pid 1015] close(14) = -1 EBADF (Bad file descriptor) [pid 1015] close(15) = -1 EBADF (Bad file descriptor) [pid 1015] close(16) = -1 EBADF (Bad file descriptor) [pid 1015] close(17) = -1 EBADF (Bad file descriptor) [pid 1015] close(18) = -1 EBADF (Bad file descriptor) [pid 1015] close(19) = -1 EBADF (Bad file descriptor) [pid 1015] close(20) = -1 EBADF (Bad file descriptor) [pid 1015] close(21) = -1 EBADF (Bad file descriptor) [pid 1015] close(22) = -1 EBADF (Bad file descriptor) [pid 1015] close(23) = -1 EBADF (Bad file descriptor) [pid 1015] close(24) = -1 EBADF (Bad file descriptor) [pid 1015] close(25) = -1 EBADF (Bad file descriptor) [pid 1015] close(26) = -1 EBADF (Bad file descriptor) [pid 1015] close(27) = -1 EBADF (Bad file descriptor) [pid 1015] close(28) = -1 EBADF (Bad file descriptor) [pid 1015] close(29) = -1 EBADF (Bad file descriptor) [pid 1015] exit_group(0) = ? [pid 1017] <... futex resumed>) = ? [pid 1017] +++ exited with 0 +++ [pid 1015] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=4, si_stime=18} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 52.078945][ T1021] F2FS-fs (loop3): Found nat_bits in checkpoint [ 52.088477][ T1025] F2FS-fs (loop2): invalid crc value [ 52.094297][ T1019] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 52.104275][ T1019] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 52.114196][ T297] syz-executor248: attempt to access beyond end of device [ 52.114196][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 297] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1019] <... mount resumed>) = 0 [pid 1019] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1019] chdir("./file4") = 0 [pid 1019] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1019] ioctl(4, LOOP_CLR_FD) = 0 [pid 1019] close(4) = 0 [pid 1023] <... mount resumed>) = 0 [pid 1019] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 1019] <... futex resumed>) = 1 [pid 1018] <... futex resumed>) = 0 [pid 1023] <... openat resumed>) = 3 [pid 1019] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] chdir("./file4" [pid 1019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] <... futex resumed>) = 0 [pid 1023] <... chdir resumed>) = 0 [pid 1019] fspick(AT_FDCWD, ".", 0 [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1019] <... fspick resumed>) = 4 [pid 1023] <... openat resumed>) = 4 [pid 1019] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] ioctl(4, LOOP_CLR_FD [pid 1019] <... futex resumed>) = 1 [pid 1018] <... futex resumed>) = 0 [pid 1023] <... ioctl resumed>) = 0 [pid 1019] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] close(4 [pid 1019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] <... futex resumed>) = 0 [pid 1023] <... close resumed>) = 0 [pid 1019] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1023] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] <... futex resumed>) = 1 [pid 1022] <... futex resumed>) = 0 [pid 1023] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1022] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] <... futex resumed>) = 0 [pid 1022] <... futex resumed>) = 1 [pid 1023] fspick(AT_FDCWD, ".", 0) = 4 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1023] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1022] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1022] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] <... futex resumed>) = 0 [pid 1022] <... futex resumed>) = 1 [pid 1023] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1019] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [ 52.118510][ T1023] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 52.144637][ T1023] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 52.152886][ T1025] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.162968][ T1019] F2FS-fs (loop0): switch discard_unit option is not allowed [ 52.172491][ T1023] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 1023] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1019] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] <... futex resumed>) = 1 [pid 1022] <... futex resumed>) = 0 [pid 1019] <... futex resumed>) = 1 [pid 1018] <... futex resumed>) = 0 [pid 1023] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1022] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1019] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1022] <... futex resumed>) = 0 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] <... open resumed>) = 5 [pid 1019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] <... futex resumed>) = 0 [pid 1023] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1019] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1023] <... futex resumed>) = 1 [pid 1023] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1022] <... futex resumed>) = 0 [pid 1019] <... open resumed>) = 5 [pid 1019] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1022] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1019] <... futex resumed>) = 1 [pid 1018] <... futex resumed>) = 0 [pid 1019] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1019] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1018] <... futex resumed>) = 0 [pid 1019] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1018] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1022] <... futex resumed>) = 1 [pid 1022] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1019] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1023] <... futex resumed>) = 0 [pid 1019] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1023] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1019] <... futex resumed>) = 1 [pid 1018] <... futex resumed>) = 0 [pid 1023] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1019] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1018] close(3 [pid 1023] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1018] <... close resumed>) = 0 [pid 1023] <... futex resumed>) = 1 [pid 1018] close(4 [pid 1023] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1022] <... futex resumed>) = 0 [pid 1018] <... close resumed>) = 0 [pid 1022] close(3 [pid 1018] close(5 [pid 1022] <... close resumed>) = 0 [pid 1018] <... close resumed>) = 0 [pid 1022] close(4 [pid 1018] close(6 [pid 1022] <... close resumed>) = 0 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(5 [pid 1018] close(7 [pid 1022] <... close resumed>) = 0 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(6 [pid 1018] close(8 [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(7 [pid 1018] close(9 [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(8 [pid 1018] close(10 [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(9 [pid 1018] close(11 [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(10 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(12 [pid 1022] close(11 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(13 [pid 1022] close(12) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(13) = -1 EBADF (Bad file descriptor) [pid 1018] close(14 [pid 1022] close(14) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(15 [pid 1018] close(15 [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] close(16) = -1 EBADF (Bad file descriptor) [pid 1018] close(16 [pid 1022] close(17 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(17 [pid 1022] close(18 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(18 [pid 1022] close(19 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(19 [pid 1022] close(20 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(20 [pid 1022] close(21 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(21 [pid 1022] close(22 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(22 [pid 1022] close(23 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(23 [pid 1022] close(24 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(24 [pid 1022] close(25 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(25 [pid 1022] close(26 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(26 [pid 1022] close(27 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(27 [pid 1022] close(28 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(28 [pid 1022] close(29 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1022] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1018] close(29 [pid 1022] exit_group(0 [pid 1018] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1023] <... futex resumed>) = ? [pid 1022] <... exit_group resumed>) = ? [pid 1023] +++ exited with 0 +++ [pid 1022] +++ exited with 0 +++ [pid 1018] exit_group(0 [pid 1019] <... futex resumed>) = ? [pid 1018] <... exit_group resumed>) = ? [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=48, si_uid=0, si_status=0, si_utime=5, si_stime=25} --- [pid 1019] +++ exited with 0 +++ [pid 1018] +++ exited with 0 +++ [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=49, si_uid=0, si_status=0, si_utime=4, si_stime=17} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 299] <... restart_syscall resumed>) = 0 [ 52.192651][ T1021] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 52.205586][ T1021] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 299] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... restart_syscall resumed>) = 0 [pid 299] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", [pid 294] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 299] getdents64(3, [pid 294] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 299] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] <... openat resumed>) = 3 [pid 299] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1021] <... mount resumed>) = 0 [pid 1021] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1021] chdir("./file4") = 0 [pid 1021] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1021] ioctl(4, LOOP_CLR_FD) = 0 [pid 1021] close(4) = 0 [pid 1021] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] <... futex resumed>) = 0 [pid 1020] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1021] <... futex resumed>) = 1 [pid 1021] fspick(AT_FDCWD, ".", 0) = 4 [pid 1021] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] <... futex resumed>) = 0 [pid 1020] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1021] <... futex resumed>) = 1 [ 52.235153][ T1025] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 52.244922][ T299] syz-executor248: attempt to access beyond end of device [ 52.244922][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 52.252162][ T1021] F2FS-fs (loop3): switch discard_unit option is not allowed [ 52.267070][ T294] syz-executor248: attempt to access beyond end of device [ 52.267070][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 1021] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1025] <... mount resumed>) = 0 [pid 1025] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1025] chdir("./file4") = 0 [pid 1025] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1025] ioctl(4, LOOP_CLR_FD) = 0 [pid 1025] close(4) = 0 [pid 1025] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1025] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1021] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1021] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] <... futex resumed>) = 0 [pid 1020] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1021] <... futex resumed>) = 1 [pid 1021] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1024] <... futex resumed>) = 0 [pid 1024] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... umount2 resumed>) = 0 [pid 1025] <... futex resumed>) = 0 [pid 1024] <... futex resumed>) = 1 [pid 297] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1025] fspick(AT_FDCWD, ".", 0 [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1025] <... fspick resumed>) = 4 [pid 1025] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1025] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1024] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1021] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] <... futex resumed>) = 0 [pid 1020] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1020] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1021] <... futex resumed>) = 1 [pid 1021] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1024] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1021] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1021] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1024] <... futex resumed>) = 1 [pid 297] newfstatat(AT_FDCWD, "./24/file4", [pid 1025] <... futex resumed>) = 0 [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1021] <... futex resumed>) = 1 [pid 1020] <... futex resumed>) = 0 [pid 1025] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 52.284732][ T1025] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 1020] close(3 [pid 1025] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1020] <... close resumed>) = 0 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1020] close(4) = 0 [pid 1020] close(5) = 0 [pid 1020] close(6) = -1 EBADF (Bad file descriptor) [pid 1020] close(7) = -1 EBADF (Bad file descriptor) [pid 1020] close(8) = -1 EBADF (Bad file descriptor) [pid 1021] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1020] close(9 [pid 297] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./24/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1020] close(10 [pid 297] <... openat resumed>) = 4 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] newfstatat(4, "", [pid 1020] close(11 [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 1025] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1025] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1024] <... futex resumed>) = 0 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] getdents64(4, [pid 1020] close(12 [pid 1024] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 1024] <... futex resumed>) = 1 [pid 1020] close(13 [pid 297] getdents64(4, [pid 1025] <... futex resumed>) = 0 [pid 1025] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 1025] <... open resumed>) = 5 [pid 1020] close(14 [pid 297] close(4 [pid 1025] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1025] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1024] <... futex resumed>) = 0 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... close resumed>) = 0 [pid 1024] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1020] close(15 [pid 297] rmdir("./24/file4" [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] <... futex resumed>) = 1 [pid 1020] close(16 [pid 297] <... rmdir resumed>) = 0 [pid 1025] <... futex resumed>) = 0 [pid 1025] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1025] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1025] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1024] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1024] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1020] close(17 [pid 297] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1024] close(3 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] <... close resumed>) = 0 [pid 297] newfstatat(AT_FDCWD, "./24/binderfs", [pid 1020] close(18 [pid 1024] close(4 [pid 297] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./24/binderfs" [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] <... close resumed>) = 0 [pid 297] <... unlink resumed>) = 0 [pid 1020] close(19 [pid 1024] close(5 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] getdents64(3, [pid 1024] <... close resumed>) = 0 [pid 1020] close(20 [pid 1024] close(6 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... getdents64 resumed>0x55558757a730 /* 0 entries */, 32768) = 0 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] close(21 [pid 297] close(3 [pid 1024] close(7 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] close(22 [pid 297] <... close resumed>) = 0 [pid 1024] close(8 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] rmdir("./24" [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] close(23 [pid 297] <... rmdir resumed>) = 0 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] close(9 [pid 1020] close(24 [pid 297] mkdir("./25", 0777 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... mkdir resumed>) = 0 [pid 1020] close(25 [pid 1024] close(10 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] close(26 [pid 1024] close(11 [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... openat resumed>) = 3 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] close(27 [pid 1024] close(12 [pid 297] ioctl(3, LOOP_CLR_FD [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 1024] close(13 [pid 1020] close(28 [pid 297] close(3 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] close(14 [pid 1020] close(29 [pid 297] <... close resumed>) = 0 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1020] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] close(15 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1020] exit_group(0 [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] close(16) = -1 EBADF (Bad file descriptor) [pid 1021] <... futex resumed>) = ? [pid 1020] <... exit_group resumed>) = ? [pid 297] <... clone resumed>, child_tidptr=0x555587579690) = 52 [pid 1021] +++ exited with 0 +++ [pid 1024] close(17 [pid 1020] +++ exited with 0 +++ [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1024] close(18 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=8, si_stime=16} --- [pid 1024] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 1024] close(19) = -1 EBADF (Bad file descriptor) [pid 1024] close(20) = -1 EBADF (Bad file descriptor) [pid 1024] close(21) = -1 EBADF (Bad file descriptor) [pid 1024] close(22) = -1 EBADF (Bad file descriptor) [pid 1024] close(23) = -1 EBADF (Bad file descriptor) [pid 1024] close(24) = -1 EBADF (Bad file descriptor) [pid 1024] close(25) = -1 EBADF (Bad file descriptor) [pid 1024] close(26) = -1 EBADF (Bad file descriptor) [pid 1024] close(27) = -1 EBADF (Bad file descriptor) [pid 1024] close(28) = -1 EBADF (Bad file descriptor) [pid 1024] close(29) = -1 EBADF (Bad file descriptor) [pid 1024] exit_group(0 [pid 1025] <... futex resumed>) = ? [pid 1024] <... exit_group resumed>) = ? [pid 1025] +++ exited with 0 +++ [pid 1024] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=51, si_uid=0, si_status=0, si_utime=7, si_stime=19} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>executing program ./strace-static-x86_64: Process 1046 attached [pid 1046] set_robust_list(0x5555875796a0, 24) = 0 [pid 1046] chdir("./25") = 0 [pid 1046] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1046] setpgid(0, 0) = 0 [pid 1046] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1046] write(3, "1000", 4) = 4 [pid 1046] close(3) = 0 [pid 1046] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1046] write(1, "executing program\n", 18) = 18 [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1046] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1046] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1046] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1046] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1046] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1046] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[53]}, 88) = 53 [pid 1046] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1046] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1047 attached [pid 1047] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1047] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1047] memfd_create("syzkaller", 0) = 3 [pid 1047] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 293] <... restart_syscall resumed>) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 293] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 298] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 293] <... openat resumed>) = 3 [pid 298] <... openat resumed>) = 3 [pid 293] newfstatat(3, "", [pid 298] newfstatat(3, "", [pid 293] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [ 52.331657][ T1025] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, [pid 298] getdents64(3, [pid 293] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [ 52.375146][ T298] syz-executor248: attempt to access beyond end of device [ 52.375146][ T298] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 52.390105][ T293] syz-executor248: attempt to access beyond end of device [ 52.390105][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 298] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./23/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./23/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./23/file4") = 0 [pid 299] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./23/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./23") = 0 [pid 299] mkdir("./24", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 50 ./strace-static-x86_64: Process 1048 attached [pid 1048] set_robust_list(0x5555875796a0, 24) = 0 [pid 1048] chdir("./24") = 0 [pid 1048] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1048] setpgid(0, 0) = 0 [pid 1048] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1048] write(3, "1000", 4) = 4 [pid 1048] close(3) = 0 [pid 1048] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1048] write(1, "executing program\n", 18executing program ) = 18 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1048] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1048] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1048] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1048] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1048] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1048] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[51]}, 88) = 51 [pid 1048] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1048] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1049 attached [pid 1049] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1049] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1049] memfd_create("syzkaller", 0) = 3 [pid 1049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./23/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./23/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./23/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./23/file4") = 0 [pid 294] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./23/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./23") = 0 [pid 294] mkdir("./24", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 51 ./strace-static-x86_64: Process 1050 attached [pid 1050] set_robust_list(0x5555875796a0, 24) = 0 [pid 1050] chdir("./24") = 0 [pid 1050] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1050] setpgid(0, 0) = 0 [pid 1050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1050] write(3, "1000", 4) = 4 [pid 1050] close(3) = 0 [pid 1050] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1050] write(1, "executing program\n", 18executing program ) = 18 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1050] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1050] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1050] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1050] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1050] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1050] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[52]}, 88) = 52 [pid 1050] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1050] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1051 attached [pid 1051] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1051] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1051] memfd_create("syzkaller", 0) = 3 [pid 1051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1047] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./24/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./24/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./24/file4") = 0 [pid 298] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./24/binderfs") = 0 [pid 293] <... umount2 resumed>) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./24") = 0 [pid 298] mkdir("./25", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 52 [pid 293] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./24/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./24/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./24/file4") = 0 [pid 293] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./24/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./24") = 0 [pid 293] mkdir("./25", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3./strace-static-x86_64: Process 1052 attached ) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1052] set_robust_list(0x5555875796a0, 24 [pid 293] <... clone resumed>, child_tidptr=0x555587579690) = 53 [pid 1052] <... set_robust_list resumed>) = 0 [pid 1052] chdir("./25") = 0 [pid 1052] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1052] setpgid(0, 0) = 0 [pid 1052] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1052] write(3, "1000", 4) = 4 [pid 1052] close(3) = 0 [pid 1052] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1052] write(1, "executing program\n", 18executing program ) = 18 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1049] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1052] <... futex resumed>) = 0 [pid 1052] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1052] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1052] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1052] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1052] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1052] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[53]}, 88) = 53 [pid 1052] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1052] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1053 attached [pid 1053] set_robust_list(0x5555875796a0, 24) = 0 [pid 1053] chdir("./25") = 0 [pid 1053] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1053] setpgid(0, 0) = 0 [pid 1053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 1054 attached [pid 1054] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1054] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1054] memfd_create("syzkaller", 0) = 3 [pid 1053] write(3, "1000", 4 [pid 1054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1053] <... write resumed>) = 4 [pid 1053] close(3) = 0 [pid 1053] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1053] write(1, "executing program\n", 18executing program ) = 18 [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1053] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1053] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1053] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1053] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1053] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[54]}, 88) = 54 ./strace-static-x86_64: Process 1055 attached [pid 1053] rt_sigprocmask(SIG_SETMASK, [], [pid 1055] set_robust_list(0x7fc71fb3c9a0, 24 [pid 1053] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1055] <... set_robust_list resumed>) = 0 [pid 1055] rt_sigprocmask(SIG_SETMASK, [], [pid 1053] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1053] <... futex resumed>) = 0 [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1055] memfd_create("syzkaller", 0) = 3 [pid 1055] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1051] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1047] <... write resumed>) = 20699119 [pid 1047] munmap(0x7fc71771c000, 138412032) = 0 [pid 1047] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1047] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1047] close(3) = 0 [pid 1047] close(4) = 0 [pid 1047] mkdir("./file4", 0777) = 0 [ 52.811483][ T1047] loop1: detected capacity change from 0 to 40427 [ 52.840727][ T1047] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [pid 1047] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1049] <... write resumed>) = 20699119 [ 52.858136][ T1047] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 52.881578][ T1047] F2FS-fs (loop1): fault_injection options not supported [pid 1049] munmap(0x7fc71771c000, 138412032) = 0 [pid 1049] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1049] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1049] close(3) = 0 [pid 1049] close(4) = 0 [pid 1049] mkdir("./file4", 0777) = 0 [pid 1049] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1055] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1051] <... write resumed>) = 20699119 [pid 1051] munmap(0x7fc71771c000, 138412032) = 0 [pid 1051] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 52.906061][ T1047] F2FS-fs (loop1): fault_type options not supported [ 52.920867][ T1049] loop4: detected capacity change from 0 to 40427 [ 52.930331][ T1047] F2FS-fs (loop1): invalid crc value [ 52.938969][ T1049] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 52.950369][ T1049] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 1051] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1051] close(3) = 0 [pid 1051] close(4) = 0 [pid 1054] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1051] mkdir("./file4", 0777) = 0 [ 52.967576][ T1051] loop0: detected capacity change from 0 to 40427 [ 52.969182][ T1049] F2FS-fs (loop4): fault_injection options not supported [ 52.992058][ T1051] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 52.999055][ T1051] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 53.000364][ T1049] F2FS-fs (loop4): fault_type options not supported [ 53.026686][ T1049] F2FS-fs (loop4): invalid crc value [ 53.026707][ T1047] F2FS-fs (loop1): Found nat_bits in checkpoint [ 53.040506][ T1051] F2FS-fs (loop0): fault_injection options not supported [ 53.047673][ T1051] F2FS-fs (loop0): fault_type options not supported [ 53.070747][ T1051] F2FS-fs (loop0): invalid crc value [pid 1051] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1055] <... write resumed>) = 20699119 [pid 1055] munmap(0x7fc71771c000, 138412032) = 0 [pid 1055] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1055] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1055] close(3) = 0 [pid 1055] close(4) = 0 [pid 1055] mkdir("./file4", 0777) = 0 [ 53.076801][ T1049] F2FS-fs (loop4): Found nat_bits in checkpoint [ 53.086099][ T1055] loop2: detected capacity change from 0 to 40427 [ 53.109325][ T1051] F2FS-fs (loop0): Found nat_bits in checkpoint [ 53.118430][ T1055] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 1055] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1054] <... write resumed>) = 20699119 [pid 1054] munmap(0x7fc71771c000, 138412032) = 0 [pid 1054] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1054] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1054] close(3) = 0 [pid 1054] close(4) = 0 [pid 1054] mkdir("./file4", 0777) = 0 [pid 1054] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1047] <... mount resumed>) = 0 [ 53.126283][ T1047] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 53.132998][ T1054] loop3: detected capacity change from 0 to 40427 [ 53.141880][ T1047] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 53.143157][ T1055] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 53.157827][ T1054] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 53.165307][ T1049] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [pid 1047] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1049] <... mount resumed>) = 0 [pid 1049] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1049] chdir("./file4") = 0 [pid 1049] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1049] ioctl(4, LOOP_CLR_FD) = 0 [pid 1049] close(4) = 0 [pid 1049] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] <... futex resumed>) = 0 [pid 1048] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1049] <... futex resumed>) = 1 [pid 1049] fspick(AT_FDCWD, ".", 0) = 4 [pid 1049] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] <... futex resumed>) = 0 [pid 1048] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1049] <... futex resumed>) = 1 [pid 1049] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1047] chdir("./file4" [pid 1049] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1049] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1048] <... futex resumed>) = 0 [pid 1049] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1048] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1049] <... open resumed>) = 5 [pid 1048] <... futex resumed>) = 0 [pid 1049] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1049] <... futex resumed>) = 0 [pid 1048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1049] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1048] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1049] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1048] <... futex resumed>) = 0 [pid 1047] <... chdir resumed>) = 0 [pid 1049] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1049] <... futex resumed>) = 0 [pid 1048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1049] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1048] close(3) = 0 [pid 1048] close(4) = 0 [pid 1048] close(5) = 0 [pid 1048] close(6) = -1 EBADF (Bad file descriptor) [pid 1048] close(7) = -1 EBADF (Bad file descriptor) [pid 1048] close(8) = -1 EBADF (Bad file descriptor) [pid 1048] close(9) = -1 EBADF (Bad file descriptor) [pid 1048] close(10) = -1 EBADF (Bad file descriptor) [pid 1048] close(11) = -1 EBADF (Bad file descriptor) [pid 1048] close(12) = -1 EBADF (Bad file descriptor) [pid 1048] close(13) = -1 EBADF (Bad file descriptor) [pid 1048] close(14) = -1 EBADF (Bad file descriptor) [pid 1048] close(15) = -1 EBADF (Bad file descriptor) [pid 1048] close(16) = -1 EBADF (Bad file descriptor) [pid 1048] close(17) = -1 EBADF (Bad file descriptor) [pid 1048] close(18) = -1 EBADF (Bad file descriptor) [pid 1048] close(19) = -1 EBADF (Bad file descriptor) [pid 1048] close(20) = -1 EBADF (Bad file descriptor) [pid 1047] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1048] close(21) = -1 EBADF (Bad file descriptor) [pid 1047] <... openat resumed>) = 4 [pid 1048] close(22 [pid 1047] ioctl(4, LOOP_CLR_FD [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1047] <... ioctl resumed>) = 0 [pid 1048] close(23 [pid 1047] close(4 [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1048] close(24 [pid 1047] <... close resumed>) = 0 [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1047] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] close(25) = -1 EBADF (Bad file descriptor) [pid 1047] <... futex resumed>) = 1 [pid 1046] <... futex resumed>) = 0 [pid 1048] close(26 [pid 1047] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1046] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1047] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1046] <... futex resumed>) = 0 [pid 1048] close(27 [pid 1047] fspick(AT_FDCWD, ".", 0 [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1047] <... fspick resumed>) = 4 [pid 1048] close(28 [pid 1047] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1048] close(29 [pid 1047] <... futex resumed>) = 1 [pid 1046] <... futex resumed>) = 0 [pid 1048] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1047] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1046] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1048] exit_group(0 [pid 1047] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1046] <... futex resumed>) = 0 [pid 1049] <... futex resumed>) = ? [pid 1048] <... exit_group resumed>) = ? [pid 1049] +++ exited with 0 +++ [pid 1048] +++ exited with 0 +++ [pid 1047] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 53.172850][ T1054] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 53.181437][ T1049] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 53.190809][ T1049] F2FS-fs (loop4): switch discard_unit option is not allowed [ 53.202618][ T1055] F2FS-fs (loop2): fault_injection options not supported [ 53.209785][ T1055] F2FS-fs (loop2): fault_type options not supported [ 53.218657][ T1047] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=50, si_uid=0, si_status=0, si_utime=6, si_stime=18} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1047] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1047] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1046] <... futex resumed>) = 0 [pid 1046] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1047] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1046] <... futex resumed>) = 0 [pid 1047] <... open resumed>) = 5 [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1047] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1046] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1047] <... futex resumed>) = 0 [pid 1046] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1047] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1046] <... futex resumed>) = 0 [ 53.218754][ T1054] F2FS-fs (loop3): fault_injection options not supported [ 53.235157][ T299] syz-executor248: attempt to access beyond end of device [ 53.235157][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 53.235959][ T1054] F2FS-fs (loop3): fault_type options not supported [ 53.258385][ T1055] F2FS-fs (loop2): invalid crc value [ 53.265201][ T1051] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [pid 1047] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1046] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1047] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1046] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1047] <... futex resumed>) = 0 [pid 1046] close(3 [pid 1047] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1046] <... close resumed>) = 0 [pid 1046] close(4) = 0 [pid 1046] close(5) = 0 [pid 1046] close(6) = -1 EBADF (Bad file descriptor) [pid 1046] close(7) = -1 EBADF (Bad file descriptor) [pid 1046] close(8) = -1 EBADF (Bad file descriptor) [pid 1046] close(9) = -1 EBADF (Bad file descriptor) [pid 1046] close(10) = -1 EBADF (Bad file descriptor) [pid 1046] close(11) = -1 EBADF (Bad file descriptor) [pid 1046] close(12) = -1 EBADF (Bad file descriptor) [pid 1046] close(13) = -1 EBADF (Bad file descriptor) [pid 1046] close(14) = -1 EBADF (Bad file descriptor) [pid 1046] close(15) = -1 EBADF (Bad file descriptor) [pid 1046] close(16) = -1 EBADF (Bad file descriptor) [pid 1046] close(17) = -1 EBADF (Bad file descriptor) [pid 1046] close(18) = -1 EBADF (Bad file descriptor) [pid 1046] close(19) = -1 EBADF (Bad file descriptor) [pid 1046] close(20) = -1 EBADF (Bad file descriptor) [pid 1046] close(21) = -1 EBADF (Bad file descriptor) [pid 1046] close(22) = -1 EBADF (Bad file descriptor) [pid 1046] close(23) = -1 EBADF (Bad file descriptor) [pid 1046] close(24) = -1 EBADF (Bad file descriptor) [pid 1046] close(25) = -1 EBADF (Bad file descriptor) [pid 1046] close(26) = -1 EBADF (Bad file descriptor) [pid 1046] close(27) = -1 EBADF (Bad file descriptor) [pid 1046] close(28) = -1 EBADF (Bad file descriptor) [pid 1046] close(29) = -1 EBADF (Bad file descriptor) [pid 1046] exit_group(0 [pid 1047] <... futex resumed>) = ? [pid 1046] <... exit_group resumed>) = ? [pid 1047] +++ exited with 0 +++ [pid 1046] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=8, si_stime=19} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 1051] <... mount resumed>) = 0 [pid 1051] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1051] chdir("./file4") = 0 [pid 1051] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1051] ioctl(4, LOOP_CLR_FD) = 0 [pid 1051] close(4 [pid 297] <... restart_syscall resumed>) = 0 [pid 297] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 297] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1051] <... close resumed>) = 0 [pid 1051] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1051] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1050] <... futex resumed>) = 0 [pid 1050] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1051] <... futex resumed>) = 0 [pid 1050] <... futex resumed>) = 1 [pid 1051] fspick(AT_FDCWD, ".", 0 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1051] <... fspick resumed>) = 4 [pid 1051] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 53.273575][ T1051] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 53.280521][ T1054] F2FS-fs (loop3): invalid crc value [ 53.295371][ T1055] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 1051] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1050] <... futex resumed>) = 0 [pid 1050] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1051] <... futex resumed>) = 0 [pid 1050] <... futex resumed>) = 1 [pid 1051] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1051] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1051] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1050] <... futex resumed>) = 0 [pid 1050] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1051] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1051] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1050] <... futex resumed>) = 0 [pid 1050] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1050] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1051] <... futex resumed>) = 1 [pid 1051] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1051] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1050] <... futex resumed>) = 0 [pid 1050] close(3) = 0 [pid 1050] close(4) = 0 [pid 1050] close(5) = 0 [pid 1050] close(6) = -1 EBADF (Bad file descriptor) [pid 1050] close(7) = -1 EBADF (Bad file descriptor) [pid 1050] close(8) = -1 EBADF (Bad file descriptor) [pid 1050] close(9) = -1 EBADF (Bad file descriptor) [pid 1050] close(10) = -1 EBADF (Bad file descriptor) [pid 1050] close(11) = -1 EBADF (Bad file descriptor) [pid 1050] close(12) = -1 EBADF (Bad file descriptor) [pid 1050] close(13) = -1 EBADF (Bad file descriptor) [pid 1050] close(14) = -1 EBADF (Bad file descriptor) [pid 1050] close(15) = -1 EBADF (Bad file descriptor) [pid 1050] close(16) = -1 EBADF (Bad file descriptor) [pid 1050] close(17) = -1 EBADF (Bad file descriptor) [pid 1050] close(18) = -1 EBADF (Bad file descriptor) [pid 1050] close(19) = -1 EBADF (Bad file descriptor) [pid 1050] close(20) = -1 EBADF (Bad file descriptor) [pid 1050] close(21) = -1 EBADF (Bad file descriptor) [pid 1050] close(22) = -1 EBADF (Bad file descriptor) [pid 1050] close(23) = -1 EBADF (Bad file descriptor) [pid 1050] close(24) = -1 EBADF (Bad file descriptor) [pid 1050] close(25) = -1 EBADF (Bad file descriptor) [pid 1050] close(26) = -1 EBADF (Bad file descriptor) [pid 1050] close(27) = -1 EBADF (Bad file descriptor) [pid 1050] close(28) = -1 EBADF (Bad file descriptor) [pid 1050] close(29) = -1 EBADF (Bad file descriptor) [pid 1050] exit_group(0) = ? [pid 1051] <... futex resumed>) = ? [pid 1051] +++ exited with 0 +++ [pid 1050] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=51, si_uid=0, si_status=0, si_utime=6, si_stime=21} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 53.321552][ T1054] F2FS-fs (loop3): Found nat_bits in checkpoint [ 53.331245][ T1051] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 294] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./24/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./24/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./24/file4") = 0 [pid 299] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./24/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./24") = 0 [pid 299] mkdir("./25", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 52 ./strace-static-x86_64: Process 1075 attached [pid 1075] set_robust_list(0x5555875796a0, 24) = 0 [pid 1075] chdir("./25") = 0 [pid 1075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1075] setpgid(0, 0) = 0 [pid 1075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1075] write(3, "1000", 4) = 4 [pid 1075] close(3) = 0 [pid 1075] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1075] write(1, "executing program\n", 18executing program ) = 18 [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1075] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1055] <... mount resumed>) = 0 [pid 1075] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 1055] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1055] chdir("./file4") = 0 [pid 1075] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1075] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1075] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1075] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[53]}, 88) = 53 [pid 1075] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1075] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1055] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 1077 attached [pid 1077] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1077] rt_sigprocmask(SIG_SETMASK, [], [pid 1055] <... openat resumed>) = 4 [pid 1055] ioctl(4, LOOP_CLR_FD) = 0 [pid 1055] close(4 [pid 1077] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1077] memfd_create("syzkaller", 0) = 3 [pid 1077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 53.420717][ T1055] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 53.428526][ T1055] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 53.444062][ T1054] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [pid 1055] <... close resumed>) = 0 [pid 1055] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1053] <... futex resumed>) = 0 [pid 1055] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1053] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = 0 [pid 1053] <... futex resumed>) = 1 [pid 1055] fspick(AT_FDCWD, ".", 0) = 4 [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1053] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1055] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1053] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = 0 [pid 1053] <... futex resumed>) = 1 [pid 1055] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1054] <... mount resumed>) = 0 [pid 1054] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1054] chdir("./file4") = 0 [pid 1054] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1054] ioctl(4, LOOP_CLR_FD) = 0 [pid 1054] close(4) = 0 [pid 1054] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] <... futex resumed>) = 0 [pid 1052] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1054] <... futex resumed>) = 1 [pid 1054] fspick(AT_FDCWD, ".", 0) = 4 [pid 1054] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] <... futex resumed>) = 0 [pid 1052] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1054] <... futex resumed>) = 1 [pid 1054] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1055] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1055] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1053] <... futex resumed>) = 0 [pid 1055] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1053] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = 0 [pid 1053] <... futex resumed>) = 1 [pid 1055] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] <... open resumed>) = 5 [pid 1055] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1053] <... futex resumed>) = 0 [pid 1055] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1053] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1055] <... futex resumed>) = 0 [pid 1053] <... futex resumed>) = 1 [pid 1055] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1053] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1055] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1053] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1055] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1053] close(3) = 0 [pid 1053] close(4) = 0 [pid 1053] close(5) = 0 [pid 1053] close(6) = -1 EBADF (Bad file descriptor) [pid 1053] close(7) = -1 EBADF (Bad file descriptor) [pid 1053] close(8) = -1 EBADF (Bad file descriptor) [pid 1053] close(9) = -1 EBADF (Bad file descriptor) [pid 1053] close(10) = -1 EBADF (Bad file descriptor) [pid 1053] close(11) = -1 EBADF (Bad file descriptor) [pid 1053] close(12) = -1 EBADF (Bad file descriptor) [pid 1053] close(13) = -1 EBADF (Bad file descriptor) [pid 1053] close(14) = -1 EBADF (Bad file descriptor) [pid 1053] close(15) = -1 EBADF (Bad file descriptor) [pid 1053] close(16) = -1 EBADF (Bad file descriptor) [pid 1053] close(17) = -1 EBADF (Bad file descriptor) [pid 1053] close(18) = -1 EBADF (Bad file descriptor) [pid 1053] close(19) = -1 EBADF (Bad file descriptor) [pid 1053] close(20) = -1 EBADF (Bad file descriptor) [pid 1053] close(21) = -1 EBADF (Bad file descriptor) [pid 1053] close(22) = -1 EBADF (Bad file descriptor) [pid 1053] close(23) = -1 EBADF (Bad file descriptor) [pid 1053] close(24) = -1 EBADF (Bad file descriptor) [pid 1053] close(25) = -1 EBADF (Bad file descriptor) [pid 1053] close(26) = -1 EBADF (Bad file descriptor) [pid 1053] close(27) = -1 EBADF (Bad file descriptor) [pid 1053] close(28) = -1 EBADF (Bad file descriptor) [pid 1053] close(29) = -1 EBADF (Bad file descriptor) [pid 1053] exit_group(0 [pid 1055] <... futex resumed>) = ? [pid 1053] <... exit_group resumed>) = ? [pid 1055] +++ exited with 0 +++ [pid 1053] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 293] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1054] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1054] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] <... futex resumed>) = 0 [pid 1052] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1054] <... futex resumed>) = 1 [pid 1054] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1052] <... futex resumed>) = 0 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1054] <... open resumed>) = 5 [pid 1054] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] <... futex resumed>) = 0 [pid 1054] <... futex resumed>) = 1 [pid 1052] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1054] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1052] <... futex resumed>) = 0 [pid 1052] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1054] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1054] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1052] <... futex resumed>) = 0 [pid 1054] <... futex resumed>) = 1 [pid 1052] close(3 [pid 1054] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1052] <... close resumed>) = 0 [pid 1052] close(4) = 0 [pid 1052] close(5) = 0 [pid 1052] close(6) = -1 EBADF (Bad file descriptor) [pid 1052] close(7) = -1 EBADF (Bad file descriptor) [pid 1052] close(8) = -1 EBADF (Bad file descriptor) [pid 1052] close(9) = -1 EBADF (Bad file descriptor) [pid 1052] close(10) = -1 EBADF (Bad file descriptor) [pid 1052] close(11) = -1 EBADF (Bad file descriptor) [pid 1052] close(12) = -1 EBADF (Bad file descriptor) [pid 1052] close(13) = -1 EBADF (Bad file descriptor) [pid 1052] close(14) = -1 EBADF (Bad file descriptor) [pid 1052] close(15) = -1 EBADF (Bad file descriptor) [pid 1052] close(16) = -1 EBADF (Bad file descriptor) [pid 1052] close(17) = -1 EBADF (Bad file descriptor) [pid 1052] close(18) = -1 EBADF (Bad file descriptor) [pid 1052] close(19) = -1 EBADF (Bad file descriptor) [pid 1052] close(20) = -1 EBADF (Bad file descriptor) [pid 1052] close(21) = -1 EBADF (Bad file descriptor) [pid 1052] close(22) = -1 EBADF (Bad file descriptor) [pid 1052] close(23) = -1 EBADF (Bad file descriptor) [pid 1052] close(24) = -1 EBADF (Bad file descriptor) [pid 1052] close(25) = -1 EBADF (Bad file descriptor) [pid 1052] close(26) = -1 EBADF (Bad file descriptor) [pid 1052] close(27) = -1 EBADF (Bad file descriptor) [pid 1052] close(28) = -1 EBADF (Bad file descriptor) [pid 1052] close(29) = -1 EBADF (Bad file descriptor) [pid 1052] exit_group(0) = ? [pid 1054] <... futex resumed>) = ? [pid 1054] +++ exited with 0 +++ [pid 1052] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=6, si_stime=19} --- [pid 298] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 53.473188][ T1054] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 53.483302][ T1055] F2FS-fs (loop2): switch discard_unit option is not allowed [ 53.500783][ T1054] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./25/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./25/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 294] <... umount2 resumed>) = 0 [pid 297] <... openat resumed>) = 4 [pid 294] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./24/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./24/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./24/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] newfstatat(4, "", [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./24/file4" [pid 297] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] <... rmdir resumed>) = 0 [pid 294] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./24/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./24") = 0 [pid 294] mkdir("./25", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3 [pid 297] getdents64(4, [pid 294] <... close resumed>) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, [pid 294] <... clone resumed>, child_tidptr=0x555587579690) = 53 [pid 297] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./25/file4") = 0 [pid 297] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./25/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./25") = 0 [pid 297] mkdir("./26", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 54 ./strace-static-x86_64: Process 1078 attached ./strace-static-x86_64: Process 1079 attached [pid 1078] set_robust_list(0x5555875796a0, 24 [pid 1079] set_robust_list(0x5555875796a0, 24 [pid 1078] <... set_robust_list resumed>) = 0 [pid 1079] <... set_robust_list resumed>) = 0 [pid 1078] chdir("./25" [pid 1079] chdir("./26" [pid 1078] <... chdir resumed>) = 0 [pid 1079] <... chdir resumed>) = 0 [pid 1078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1078] <... prctl resumed>) = 0 [pid 1079] <... prctl resumed>) = 0 [pid 1078] setpgid(0, 0) = 0 [pid 1078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1079] setpgid(0, 0 [pid 1078] <... openat resumed>) = 3 [pid 1078] write(3, "1000", 4 [pid 1079] <... setpgid resumed>) = 0 [pid 1078] <... write resumed>) = 4 [pid 1078] close(3) = 0 [pid 1078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 1078] write(1, "executing program\n", 18) = 18 [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1078] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 1079] <... openat resumed>) = 3 [pid 1078] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1079] write(3, "1000", 4 [pid 1078] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 1079] <... write resumed>) = 4 [pid 1079] close(3 [pid 1078] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1078] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1079] <... close resumed>) = 0 [pid 1078] <... mmap resumed>) = 0x7fc71fb1c000 [pid 1079] symlink("/dev/binderfs", "./binderfs" [pid 1078] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 1079] <... symlink resumed>) = 0 [pid 1078] <... mprotect resumed>) = 0 [pid 1079] write(1, "executing program\n", 18 [pid 1078] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 1079] <... write resumed>) = 18 [pid 1078] <... rt_sigprocmask resumed>[], 8) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1078] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 1079] <... futex resumed>) = 0 [pid 1078] <... clone3 resumed> => {parent_tid=[54]}, 88) = 54 [pid 1079] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, [pid 1078] rt_sigprocmask(SIG_SETMASK, [], [pid 1079] <... rt_sigaction resumed>NULL, 8) = 0 [pid 1078] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1079] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 1078] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1078] <... futex resumed>) = 0 [pid 1079] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1079] <... mmap resumed>) = 0x7fc71fb1c000 [pid 1079] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1079] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1079] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0}./strace-static-x86_64: Process 1080 attached [pid 1080] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1080] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1080] memfd_create("syzkaller", 0 [pid 1079] <... clone3 resumed> => {parent_tid=[55]}, 88) = 55 [pid 1080] <... memfd_create resumed>) = 3 [pid 1080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1079] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1081 attached [pid 1081] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1081] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1081] memfd_create("syzkaller", 0) = 3 [pid 1081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./25/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./25/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./25/file4") = 0 [pid 293] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./25/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./25") = 0 [pid 293] mkdir("./26", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 55 ./strace-static-x86_64: Process 1082 attached [pid 1082] set_robust_list(0x5555875796a0, 24) = 0 [pid 1082] chdir("./26") = 0 [pid 1082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1082] setpgid(0, 0) = 0 [pid 1082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1082] write(3, "1000", 4) = 4 [pid 1082] close(3) = 0 [pid 1082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1082] write(1, "executing program\n", 18executing program ) = 18 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1082] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1082] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1082] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1082] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[56]}, 88) = 56 [pid 1082] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1082] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1077] <... write resumed>) = 20699119 ./strace-static-x86_64: Process 1083 attached [pid 1083] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1083] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1083] memfd_create("syzkaller", 0 [pid 1077] munmap(0x7fc71771c000, 138412032 [pid 1081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = 0 [pid 1083] <... memfd_create resumed>) = 3 [pid 298] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1083] <... mmap resumed>) = 0x7fc71771c000 [pid 1077] <... munmap resumed>) = 0 [pid 298] newfstatat(AT_FDCWD, "./25/file4", [pid 1077] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1077] ioctl(4, LOOP_SET_FD, 3 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./25/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./25/file4") = 0 [pid 298] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./25/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./25") = 0 [pid 298] mkdir("./26", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 1077] <... ioctl resumed>) = 0 [pid 1077] close(3) = 0 [pid 1077] close(4) = 0 [pid 1077] mkdir("./file4", 0777) = 0 [pid 1077] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 298] <... clone resumed>, child_tidptr=0x555587579690) = 54 ./strace-static-x86_64: Process 1084 attached [pid 1084] set_robust_list(0x5555875796a0, 24) = 0 [pid 1084] chdir("./26") = 0 [pid 1084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1084] setpgid(0, 0) = 0 [pid 1084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1084] write(3, "1000", 4) = 4 [pid 1084] close(3) = 0 [pid 1084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1084] write(1, "executing program\n", 18executing program ) = 18 [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1084] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1084] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1084] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1084] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[55]}, 88) = 55 [pid 1084] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1084] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 53.856931][ T1077] loop4: detected capacity change from 0 to 40427 [ 53.874764][ T1077] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1085 attached [pid 1085] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1085] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1085] memfd_create("syzkaller", 0) = 3 [pid 1085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 53.900103][ T1077] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 53.919205][ T1077] F2FS-fs (loop4): fault_injection options not supported [ 53.936788][ T1077] F2FS-fs (loop4): fault_type options not supported [pid 1080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1081] <... write resumed>) = 20699119 [ 53.951114][ T1077] F2FS-fs (loop4): invalid crc value [pid 1081] munmap(0x7fc71771c000, 138412032) = 0 [pid 1081] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1081] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1081] close(3) = 0 [pid 1081] close(4) = 0 [pid 1081] mkdir("./file4", 0777) = 0 [ 53.988669][ T1077] F2FS-fs (loop4): Found nat_bits in checkpoint [ 53.997220][ T1081] loop1: detected capacity change from 0 to 40427 [ 54.023063][ T1081] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 54.050348][ T1081] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 54.074952][ T1081] F2FS-fs (loop1): fault_injection options not supported [ 54.090351][ T1081] F2FS-fs (loop1): fault_type options not supported [pid 1081] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1080] <... write resumed>) = 20699119 [pid 1080] munmap(0x7fc71771c000, 138412032 [pid 1083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1080] <... munmap resumed>) = 0 [pid 1080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1080] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1080] close(3) = 0 [pid 1080] close(4) = 0 [pid 1077] <... mount resumed>) = 0 [pid 1080] mkdir("./file4", 0777 [pid 1077] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 1080] <... mkdir resumed>) = 0 [pid 1080] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1077] <... openat resumed>) = 3 [ 54.108540][ T1081] F2FS-fs (loop1): invalid crc value [ 54.114484][ T1077] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 54.123717][ T1080] loop0: detected capacity change from 0 to 40427 [ 54.136047][ T1077] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 54.139375][ T1081] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 1077] chdir("./file4") = 0 [pid 1077] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1077] ioctl(4, LOOP_CLR_FD) = 0 [pid 1077] close(4 [pid 1085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1077] <... close resumed>) = 0 [pid 1077] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1077] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1075] <... futex resumed>) = 0 [pid 1075] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1077] <... futex resumed>) = 0 [pid 1077] fspick(AT_FDCWD, ".", 0) = 4 [pid 1077] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1075] <... futex resumed>) = 0 [pid 1077] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1075] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1077] <... futex resumed>) = 0 [pid 1075] <... futex resumed>) = 1 [pid 1077] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 54.152764][ T1080] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 54.159837][ T1080] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 54.193967][ T1077] F2FS-fs (loop4): switch discard_unit option is not allowed [ 54.200641][ T1081] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1077] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1081] <... mount resumed>) = 0 [pid 1081] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1081] chdir("./file4") = 0 [pid 1081] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 1077] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1077] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1075] <... futex resumed>) = 0 [pid 1075] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1077] <... futex resumed>) = 0 [pid 1075] <... futex resumed>) = 1 [pid 1077] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1077] <... open resumed>) = 5 [pid 1077] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1075] <... futex resumed>) = 0 [pid 1077] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1075] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1077] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1075] <... futex resumed>) = 0 [pid 1077] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1075] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1077] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1077] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1075] <... futex resumed>) = 0 [pid 1077] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1075] close(3) = 0 [pid 1075] close(4) = 0 [pid 1075] close(5) = 0 [pid 1075] close(6) = -1 EBADF (Bad file descriptor) [pid 1075] close(7) = -1 EBADF (Bad file descriptor) [pid 1075] close(8) = -1 EBADF (Bad file descriptor) [pid 1075] close(9) = -1 EBADF (Bad file descriptor) [pid 1075] close(10) = -1 EBADF (Bad file descriptor) [pid 1075] close(11) = -1 EBADF (Bad file descriptor) [pid 1075] close(12) = -1 EBADF (Bad file descriptor) [pid 1075] close(13) = -1 EBADF (Bad file descriptor) [pid 1075] close(14) = -1 EBADF (Bad file descriptor) [pid 1075] close(15) = -1 EBADF (Bad file descriptor) [pid 1075] close(16) = -1 EBADF (Bad file descriptor) [pid 1075] close(17) = -1 EBADF (Bad file descriptor) [pid 1075] close(18) = -1 EBADF (Bad file descriptor) [pid 1075] close(19) = -1 EBADF (Bad file descriptor) [pid 1075] close(20) = -1 EBADF (Bad file descriptor) [pid 1075] close(21) = -1 EBADF (Bad file descriptor) [pid 1075] close(22) = -1 EBADF (Bad file descriptor) [pid 1075] close(23) = -1 EBADF (Bad file descriptor) [pid 1075] close(24) = -1 EBADF (Bad file descriptor) [pid 1075] close(25) = -1 EBADF (Bad file descriptor) [pid 1075] close(26) = -1 EBADF (Bad file descriptor) [pid 1075] close(27) = -1 EBADF (Bad file descriptor) [pid 1075] close(28) = -1 EBADF (Bad file descriptor) [pid 1075] close(29) = -1 EBADF (Bad file descriptor) [pid 1075] exit_group(0) = ? [pid 1077] <... futex resumed>) = ? [pid 1081] <... openat resumed>) = 4 [pid 1081] ioctl(4, LOOP_CLR_FD) = 0 [pid 1081] close(4) = 0 [pid 1081] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... futex resumed>) = 0 [pid 1079] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1081] <... futex resumed>) = 1 [pid 1081] fspick(AT_FDCWD, ".", 0) = 4 [pid 1081] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... futex resumed>) = 0 [pid 1079] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1081] <... futex resumed>) = 1 [pid 1081] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1077] +++ exited with 0 +++ [pid 1075] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=52, si_uid=0, si_status=0, si_utime=9, si_stime=22} --- [pid 299] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 299] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1081] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1081] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... futex resumed>) = 0 [pid 1079] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1081] <... futex resumed>) = 1 [pid 1081] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1081] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... futex resumed>) = 0 [pid 1079] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1079] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1081] <... futex resumed>) = 1 [pid 1081] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1081] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1079] <... futex resumed>) = 0 [pid 1079] close(3) = 0 [pid 1079] close(4) = 0 [pid 1079] close(5) = 0 [pid 1079] close(6) = -1 EBADF (Bad file descriptor) [pid 1079] close(7) = -1 EBADF (Bad file descriptor) [pid 1079] close(8) = -1 EBADF (Bad file descriptor) [pid 1079] close(9) = -1 EBADF (Bad file descriptor) [pid 1079] close(10) = -1 EBADF (Bad file descriptor) [pid 1079] close(11) = -1 EBADF (Bad file descriptor) [pid 1079] close(12) = -1 EBADF (Bad file descriptor) [pid 1079] close(13) = -1 EBADF (Bad file descriptor) [pid 1079] close(14) = -1 EBADF (Bad file descriptor) [pid 1079] close(15) = -1 EBADF (Bad file descriptor) [pid 1079] close(16) = -1 EBADF (Bad file descriptor) [pid 1079] close(17) = -1 EBADF (Bad file descriptor) [pid 1079] close(18) = -1 EBADF (Bad file descriptor) [pid 1079] close(19) = -1 EBADF (Bad file descriptor) [pid 1079] close(20) = -1 EBADF (Bad file descriptor) [pid 1079] close(21) = -1 EBADF (Bad file descriptor) [pid 1079] close(22) = -1 EBADF (Bad file descriptor) [pid 1079] close(23) = -1 EBADF (Bad file descriptor) [pid 1079] close(24) = -1 EBADF (Bad file descriptor) [pid 1079] close(25) = -1 EBADF (Bad file descriptor) [pid 1079] close(26) = -1 EBADF (Bad file descriptor) [pid 1079] close(27) = -1 EBADF (Bad file descriptor) [pid 1079] close(28) = -1 EBADF (Bad file descriptor) [pid 1079] close(29) = -1 EBADF (Bad file descriptor) [pid 1079] exit_group(0) = ? [pid 1081] <... futex resumed>) = ? [pid 1081] +++ exited with 0 +++ [pid 1079] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=5, si_stime=18} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 54.208977][ T1081] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 54.216713][ T1080] F2FS-fs (loop0): fault_injection options not supported [ 54.236109][ T1080] F2FS-fs (loop0): fault_type options not supported [ 54.239653][ T1081] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 297] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 54.283167][ T1080] F2FS-fs (loop0): invalid crc value [pid 297] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1083] <... write resumed>) = 20699119 [pid 1083] munmap(0x7fc71771c000, 138412032) = 0 [pid 1083] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1083] ioctl(4, LOOP_SET_FD, 3 [pid 1085] <... write resumed>) = 20699119 [pid 1085] munmap(0x7fc71771c000, 138412032) = 0 [pid 1085] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1085] ioctl(4, LOOP_SET_FD, 3 [pid 1083] <... ioctl resumed>) = 0 [pid 1083] close(3) = 0 [pid 1083] close(4) = 0 [pid 1083] mkdir("./file4", 0777) = 0 [pid 1083] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1085] <... ioctl resumed>) = 0 [pid 1085] close(3) = 0 [pid 1085] close(4) = 0 [pid 1085] mkdir("./file4", 0777) = 0 [ 54.309508][ T1080] F2FS-fs (loop0): Found nat_bits in checkpoint [ 54.331718][ T1083] loop2: detected capacity change from 0 to 40427 [ 54.336068][ T1085] loop3: detected capacity change from 0 to 40427 [ 54.352975][ T1083] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 54.358862][ T1085] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 54.361655][ T1083] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 54.400711][ T1085] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 54.417091][ T1085] F2FS-fs (loop3): fault_injection options not supported [ 54.421367][ T1083] F2FS-fs (loop2): fault_injection options not supported [ 54.430544][ T1085] F2FS-fs (loop3): fault_type options not supported [pid 1085] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./25/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./25/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./25/file4") = 0 [pid 299] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./25/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./25") = 0 [pid 299] mkdir("./26", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 54 ./strace-static-x86_64: Process 1100 attached [pid 1100] set_robust_list(0x5555875796a0, 24) = 0 [pid 1100] chdir("./26") = 0 [pid 1100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1100] setpgid(0, 0) = 0 [pid 1100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1100] write(3, "1000", 4) = 4 [pid 1100] close(3) = 0 [pid 1100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1100] write(1, "executing program\n", 18executing program ) = 18 [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1100] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1100] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1100] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1100] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1100] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[55]}, 88) = 55 [pid 1100] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1100] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1080] <... mount resumed>) = 0 [pid 1080] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1080] chdir("./file4") = 0 [pid 1080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1080] ioctl(4, LOOP_CLR_FD) = 0 [pid 1080] close(4) = 0 ./strace-static-x86_64: Process 1102 attached [pid 1080] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1078] <... futex resumed>) = 0 [pid 1080] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1078] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1080] fspick(AT_FDCWD, ".", 0 [pid 1102] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1102] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 54.446364][ T1085] F2FS-fs (loop3): invalid crc value [ 54.452514][ T1083] F2FS-fs (loop2): fault_type options not supported [ 54.459267][ T1080] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 54.471157][ T1080] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 54.482132][ T1083] F2FS-fs (loop2): invalid crc value [ 54.489713][ T1085] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 1102] memfd_create("syzkaller", 0) = 3 [pid 1102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1080] <... fspick resumed>) = 4 [pid 1080] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1078] <... futex resumed>) = 0 [pid 1080] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1078] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1080] <... futex resumed>) = 0 [pid 1078] <... futex resumed>) = 1 [pid 1080] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1080] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1080] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1078] <... futex resumed>) = 0 [pid 1080] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1078] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1080] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1078] <... futex resumed>) = 0 [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1080] <... open resumed>) = 5 [pid 1080] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1078] <... futex resumed>) = 0 [pid 1080] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1078] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1080] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1078] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1080] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1080] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1078] close(3) = 0 [pid 1078] close(4) = 0 [pid 1078] close(5) = 0 [pid 1078] close(6) = -1 EBADF (Bad file descriptor) [pid 1078] close(7) = -1 EBADF (Bad file descriptor) [pid 1078] close(8) = -1 EBADF (Bad file descriptor) [pid 1078] close(9) = -1 EBADF (Bad file descriptor) [pid 1078] close(10) = -1 EBADF (Bad file descriptor) [pid 1078] close(11) = -1 EBADF (Bad file descriptor) [pid 1078] close(12) = -1 EBADF (Bad file descriptor) [pid 1078] close(13) = -1 EBADF (Bad file descriptor) [pid 1078] close(14) = -1 EBADF (Bad file descriptor) [pid 1078] close(15) = -1 EBADF (Bad file descriptor) [pid 1078] close(16) = -1 EBADF (Bad file descriptor) [pid 1078] close(17) = -1 EBADF (Bad file descriptor) [pid 1078] close(18) = -1 EBADF (Bad file descriptor) [pid 1078] close(19) = -1 EBADF (Bad file descriptor) [pid 1078] close(20) = -1 EBADF (Bad file descriptor) [pid 1078] close(21) = -1 EBADF (Bad file descriptor) [pid 1078] close(22) = -1 EBADF (Bad file descriptor) [pid 1078] close(23) = -1 EBADF (Bad file descriptor) [pid 1078] close(24) = -1 EBADF (Bad file descriptor) [pid 1078] close(25) = -1 EBADF (Bad file descriptor) [pid 1078] close(26) = -1 EBADF (Bad file descriptor) [pid 1078] close(27) = -1 EBADF (Bad file descriptor) [pid 1078] close(28) = -1 EBADF (Bad file descriptor) [pid 1078] close(29) = -1 EBADF (Bad file descriptor) [pid 1078] exit_group(0 [pid 1080] <... futex resumed>) = ? [pid 1078] <... exit_group resumed>) = ? [pid 1080] +++ exited with 0 +++ [pid 1078] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=53, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 294] umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 54.508991][ T1083] F2FS-fs (loop2): Found nat_bits in checkpoint [ 54.516348][ T1080] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 294] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./26/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./26/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./26/file4") = 0 [pid 297] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./26/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./26") = 0 [pid 297] mkdir("./27", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 1108 attached , child_tidptr=0x555587579690) = 56 [pid 1108] set_robust_list(0x5555875796a0, 24) = 0 [pid 1108] chdir("./27") = 0 [pid 1108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1108] setpgid(0, 0) = 0 [pid 1108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1108] write(3, "1000", 4) = 4 [pid 1108] close(3) = 0 [pid 1108] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1108] write(1, "executing program\n", 18) = 18 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1108] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1108] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [ 54.587470][ T1085] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 54.597206][ T1083] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 54.619717][ T1083] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [pid 1108] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1108] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1108] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[57]}, 88) = 57 [pid 1108] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1108] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1085] <... mount resumed>) = 0 [pid 1085] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1085] chdir("./file4") = 0 [pid 1085] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1083] <... mount resumed>) = 0 [pid 1085] ioctl(4, LOOP_CLR_FD) = 0 [pid 1085] close(4) = 0 [pid 1083] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1085] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... futex resumed>) = 0 [pid 1084] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] chdir("./file4" [pid 1085] <... futex resumed>) = 1 [pid 1085] fspick(AT_FDCWD, ".", 0 [pid 1083] <... chdir resumed>) = 0 [pid 1085] <... fspick resumed>) = 4 [pid 1083] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1085] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... futex resumed>) = 0 [pid 1084] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] ioctl(4, LOOP_CLR_FD [pid 1085] <... futex resumed>) = 1 [pid 1083] <... ioctl resumed>) = 0 [pid 1085] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1083] close(4) = 0 [pid 1083] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] <... futex resumed>) = 1 [pid 1083] fspick(AT_FDCWD, ".", 0) = 4 [pid 1083] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] <... futex resumed>) = 1 [pid 1083] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 1109 attached [pid 1109] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1109] rt_sigprocmask(SIG_SETMASK, [], [pid 1085] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1085] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... futex resumed>) = 0 [pid 1084] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1085] <... futex resumed>) = 1 [pid 1085] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1083] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1083] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] <... futex resumed>) = 1 [pid 1083] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1085] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... futex resumed>) = 0 [pid 1084] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1084] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1085] <... futex resumed>) = 1 [pid 1085] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1085] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1084] <... futex resumed>) = 0 [pid 1084] close(3) = 0 [pid 1084] close(4) = 0 [pid 1084] close(5) = 0 [pid 1084] close(6) = -1 EBADF (Bad file descriptor) [pid 1084] close(7) = -1 EBADF (Bad file descriptor) [pid 1084] close(8) = -1 EBADF (Bad file descriptor) [pid 1084] close(9) = -1 EBADF (Bad file descriptor) [pid 1084] close(10) = -1 EBADF (Bad file descriptor) [pid 1084] close(11) = -1 EBADF (Bad file descriptor) [pid 1084] close(12 [pid 1109] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1084] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1084] close(13) = -1 EBADF (Bad file descriptor) [pid 1084] close(14 [pid 1109] memfd_create("syzkaller", 0 [pid 1084] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1109] <... memfd_create resumed>) = 3 [pid 1084] close(15 [pid 1109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 1084] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1109] <... mmap resumed>) = 0x7fc71771c000 [pid 1084] close(16) = -1 EBADF (Bad file descriptor) [pid 1084] close(17) = -1 EBADF (Bad file descriptor) [pid 1084] close(18) = -1 EBADF (Bad file descriptor) [pid 1084] close(19) = -1 EBADF (Bad file descriptor) [pid 1084] close(20) = -1 EBADF (Bad file descriptor) [pid 1084] close(21) = -1 EBADF (Bad file descriptor) [pid 1084] close(22) = -1 EBADF (Bad file descriptor) [pid 1084] close(23) = -1 EBADF (Bad file descriptor) [pid 1084] close(24) = -1 EBADF (Bad file descriptor) [pid 1084] close(25) = -1 EBADF (Bad file descriptor) [pid 1084] close(26) = -1 EBADF (Bad file descriptor) [pid 1084] close(27) = -1 EBADF (Bad file descriptor) [pid 1084] close(28) = -1 EBADF (Bad file descriptor) [pid 1084] close(29) = -1 EBADF (Bad file descriptor) [pid 1084] exit_group(0) = ? [pid 1085] <... futex resumed>) = ? [pid 1085] +++ exited with 0 +++ [pid 1084] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=5, si_stime=15} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 1083] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1082] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1083] <... futex resumed>) = 1 [pid 1083] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1083] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1082] <... futex resumed>) = 0 [pid 1082] close(3) = 0 [pid 1082] close(4) = 0 [pid 1082] close(5) = 0 [pid 1082] close(6) = -1 EBADF (Bad file descriptor) [pid 1082] close(7) = -1 EBADF (Bad file descriptor) [pid 1082] close(8) = -1 EBADF (Bad file descriptor) [pid 1082] close(9) = -1 EBADF (Bad file descriptor) [pid 1082] close(10) = -1 EBADF (Bad file descriptor) [pid 1082] close(11) = -1 EBADF (Bad file descriptor) [pid 1082] close(12) = -1 EBADF (Bad file descriptor) [pid 1082] close(13) = -1 EBADF (Bad file descriptor) [pid 1082] close(14) = -1 EBADF (Bad file descriptor) [pid 1082] close(15) = -1 EBADF (Bad file descriptor) [pid 1082] close(16) = -1 EBADF (Bad file descriptor) [pid 1082] close(17) = -1 EBADF (Bad file descriptor) [pid 1082] close(18) = -1 EBADF (Bad file descriptor) [pid 1082] close(19) = -1 EBADF (Bad file descriptor) [pid 1082] close(20) = -1 EBADF (Bad file descriptor) [pid 1082] close(21) = -1 EBADF (Bad file descriptor) [pid 1082] close(22) = -1 EBADF (Bad file descriptor) [pid 1082] close(23) = -1 EBADF (Bad file descriptor) [pid 1082] close(24) = -1 EBADF (Bad file descriptor) [pid 1082] close(25) = -1 EBADF (Bad file descriptor) [pid 1082] close(26) = -1 EBADF (Bad file descriptor) [pid 1082] close(27 [pid 298] <... restart_syscall resumed>) = 0 [pid 1082] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1082] close(28) = -1 EBADF (Bad file descriptor) [pid 298] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1082] close(29 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1082] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 298] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1082] exit_group(0 [pid 298] <... openat resumed>) = 3 [pid 1082] <... exit_group resumed>) = ? [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1083] <... futex resumed>) = ? [pid 1083] +++ exited with 0 +++ [pid 1082] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=55, si_uid=0, si_status=0, si_utime=8, si_stime=17} --- [ 54.630051][ T1085] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 54.651734][ T1085] F2FS-fs (loop3): switch discard_unit option is not allowed [ 54.662573][ T1083] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./25/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./25/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./25/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./25/file4") = 0 [pid 294] umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./25/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./25") = 0 [pid 294] mkdir("./26", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 55 ./strace-static-x86_64: Process 1110 attached [pid 1110] set_robust_list(0x5555875796a0, 24) = 0 [pid 1110] chdir("./26") = 0 [pid 1110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1110] setpgid(0, 0) = 0 [pid 1110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1110] write(3, "1000", 4) = 4 [pid 1110] close(3) = 0 [pid 1110] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1110] write(1, "executing program\n", 18) = 18 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1110] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1102] <... write resumed>) = 20699119 [pid 1110] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1102] munmap(0x7fc71771c000, 138412032 [pid 1110] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1110] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1110] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1110] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[56]}, 88) = 56 [pid 1110] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1110] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1102] <... munmap resumed>) = 0 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1102] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 1111 attached ) = 4 [pid 1102] ioctl(4, LOOP_SET_FD, 3 [pid 1111] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1111] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1111] memfd_create("syzkaller", 0) = 3 [pid 1111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1102] <... ioctl resumed>) = 0 [pid 1102] close(3) = 0 [pid 1102] close(4) = 0 [pid 1102] mkdir("./file4", 0777) = 0 [pid 1102] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 54.875587][ T1102] loop4: detected capacity change from 0 to 40427 [ 54.893282][ T1102] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 54.909597][ T1102] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [pid 1109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 298] <... umount2 resumed>) = 0 [pid 298] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 293] <... umount2 resumed>) = 0 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./26/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./26/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./26/file4") = 0 [pid 298] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./26/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./26") = 0 [pid 298] mkdir("./27", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 56 [pid 293] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./26/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./26/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./26/file4") = 0 [pid 293] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./26/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./26") = 0 [pid 293] mkdir("./27", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 1112 attached ) = -1 ENXIO (No such device or address) [ 54.922800][ T1102] F2FS-fs (loop4): fault_injection options not supported [ 54.941091][ T1102] F2FS-fs (loop4): fault_type options not supported [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 57 ./strace-static-x86_64: Process 1113 attached [pid 1113] set_robust_list(0x5555875796a0, 24) = 0 [pid 1113] chdir("./27") = 0 [pid 1113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 1112] set_robust_list(0x5555875796a0, 24) = 0 [pid 1112] chdir("./27") = 0 [pid 1112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1112] setpgid(0, 0) = 0 [pid 1112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 1113] <... prctl resumed>) = 0 [pid 1112] <... openat resumed>) = 3 [pid 1112] write(3, "1000", 4) = 4 [pid 1112] close(3) = 0 [pid 1112] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1112] write(1, "executing program\n", 18) = 18 [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1112] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1112] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1112] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1112] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1112] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[57]}, 88) = 57 [pid 1112] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1112] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1113] setpgid(0, 0) = 0 [pid 1113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1113] write(3, "1000", 4) = 4 [pid 1113] close(3) = 0 [pid 1113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1113] write(1, "executing program\n", 18executing program ) = 18 [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1113] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1113] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1113] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1113] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1113] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1113] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[58]}, 88) = 58 [pid 1113] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1113] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1116 attached [pid 1116] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1116] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1116] memfd_create("syzkaller", 0) = 3 [pid 1116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 54.970536][ T1102] F2FS-fs (loop4): invalid crc value ./strace-static-x86_64: Process 1118 attached [pid 1118] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1118] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1118] memfd_create("syzkaller", 0) = 3 [pid 1118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1109] <... write resumed>) = 20699119 [pid 1109] munmap(0x7fc71771c000, 138412032) = 0 [pid 1109] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 55.001318][ T1102] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 1109] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1109] close(3) = 0 [pid 1109] close(4) = 0 [pid 1109] mkdir("./file4", 0777) = 0 [ 55.042353][ T1109] loop1: detected capacity change from 0 to 40427 [ 55.058687][ T1109] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 55.077135][ T1109] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 1109] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1102] <... mount resumed>) = 0 [pid 1102] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1102] chdir("./file4") = 0 [pid 1102] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1102] ioctl(4, LOOP_CLR_FD) = 0 [pid 1102] close(4) = 0 [pid 1111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1102] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1102] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1100] <... futex resumed>) = 0 [pid 1100] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1102] <... futex resumed>) = 0 [pid 1100] <... futex resumed>) = 1 [pid 1102] fspick(AT_FDCWD, ".", 0) = 4 [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1102] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1102] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1100] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1102] <... futex resumed>) = 0 [pid 1100] <... futex resumed>) = 1 [pid 1102] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 55.096928][ T1109] F2FS-fs (loop1): fault_injection options not supported [ 55.104940][ T1102] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 55.121057][ T1102] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 55.128595][ T1109] F2FS-fs (loop1): fault_type options not supported [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1102] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1102] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1100] <... futex resumed>) = 0 [pid 1102] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1100] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1102] <... futex resumed>) = 0 [pid 1100] <... futex resumed>) = 1 [pid 1102] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1102] <... open resumed>) = 5 [pid 1102] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1102] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1100] <... futex resumed>) = 0 [pid 1100] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1102] <... futex resumed>) = 0 [pid 1100] <... futex resumed>) = 1 [pid 1102] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1100] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1102] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1102] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1102] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1100] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1100] close(3) = 0 [pid 1100] close(4) = 0 [pid 1100] close(5) = 0 [pid 1100] close(6) = -1 EBADF (Bad file descriptor) [pid 1100] close(7) = -1 EBADF (Bad file descriptor) [pid 1100] close(8) = -1 EBADF (Bad file descriptor) [pid 1100] close(9) = -1 EBADF (Bad file descriptor) [pid 1100] close(10) = -1 EBADF (Bad file descriptor) [pid 1100] close(11) = -1 EBADF (Bad file descriptor) [pid 1100] close(12) = -1 EBADF (Bad file descriptor) [pid 1100] close(13) = -1 EBADF (Bad file descriptor) [pid 1100] close(14) = -1 EBADF (Bad file descriptor) [pid 1100] close(15) = -1 EBADF (Bad file descriptor) [pid 1100] close(16) = -1 EBADF (Bad file descriptor) [pid 1100] close(17) = -1 EBADF (Bad file descriptor) [pid 1100] close(18) = -1 EBADF (Bad file descriptor) [pid 1100] close(19) = -1 EBADF (Bad file descriptor) [pid 1100] close(20) = -1 EBADF (Bad file descriptor) [pid 1100] close(21) = -1 EBADF (Bad file descriptor) [pid 1100] close(22) = -1 EBADF (Bad file descriptor) [pid 1100] close(23) = -1 EBADF (Bad file descriptor) [pid 1100] close(24) = -1 EBADF (Bad file descriptor) [pid 1100] close(25) = -1 EBADF (Bad file descriptor) [pid 1100] close(26) = -1 EBADF (Bad file descriptor) [pid 1100] close(27) = -1 EBADF (Bad file descriptor) [pid 1100] close(28) = -1 EBADF (Bad file descriptor) [pid 1100] close(29) = -1 EBADF (Bad file descriptor) [pid 1100] exit_group(0 [pid 1102] <... futex resumed>) = ? [pid 1100] <... exit_group resumed>) = ? [pid 1102] +++ exited with 0 +++ [pid 1100] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=54, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 55.152671][ T1102] F2FS-fs (loop4): switch discard_unit option is not allowed [ 55.159810][ T1109] F2FS-fs (loop1): invalid crc value [pid 299] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [ 55.218681][ T1109] F2FS-fs (loop1): Found nat_bits in checkpoint [pid 1116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1111] <... write resumed>) = 20699119 [pid 1111] munmap(0x7fc71771c000, 138412032) = 0 [pid 1111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1111] ioctl(4, LOOP_SET_FD, 3 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./26/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./26/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./26/file4") = 0 [pid 299] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./26/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./26") = 0 [pid 299] mkdir("./27", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3 [pid 1111] <... ioctl resumed>) = 0 [pid 1109] <... mount resumed>) = 0 [pid 1111] close(3 [pid 1109] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 1111] <... close resumed>) = 0 [pid 1109] <... openat resumed>) = 3 [pid 1111] close(4 [pid 1109] chdir("./file4" [pid 1111] <... close resumed>) = 0 [pid 1109] <... chdir resumed>) = 0 [pid 1111] mkdir("./file4", 0777 [pid 1109] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1111] <... mkdir resumed>) = 0 [pid 1109] ioctl(4, LOOP_CLR_FD [pid 1111] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1109] <... ioctl resumed>) = 0 [ 55.321145][ T1109] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 55.344740][ T1109] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 55.355440][ T1111] loop0: detected capacity change from 0 to 40427 [pid 1109] close(4 [pid 299] <... close resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 56 [pid 1109] <... close resumed>) = 0 executing program [pid 1109] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1109] fspick(AT_FDCWD, ".", 0 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 1124 attached [pid 1124] set_robust_list(0x5555875796a0, 24) = 0 [pid 1124] chdir("./27") = 0 [pid 1124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1124] setpgid(0, 0) = 0 [pid 1124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1124] write(3, "1000", 4) = 4 [pid 1124] close(3) = 0 [pid 1124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1124] write(1, "executing program\n", 18) = 18 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1124] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 1109] <... fspick resumed>) = 4 [pid 1124] <... mmap resumed>) = 0x7fc71fb1c000 [pid 1109] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1109] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1108] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1109] <... futex resumed>) = 0 [pid 1108] <... futex resumed>) = 1 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1109] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1124] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1124] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[57]}, 88) = 57 [pid 1124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1124] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1125 attached [pid 1125] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1125] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1125] memfd_create("syzkaller", 0) = 3 [pid 1125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1109] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1109] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1109] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1109] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1108] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1109] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1109] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1108] <... futex resumed>) = 0 [pid 1108] close(3) = 0 [pid 1108] close(4) = 0 [pid 1108] close(5) = 0 [pid 1108] close(6) = -1 EBADF (Bad file descriptor) [pid 1108] close(7 [pid 1109] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1108] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1108] close(8) = -1 EBADF (Bad file descriptor) [pid 1108] close(9) = -1 EBADF (Bad file descriptor) [pid 1108] close(10) = -1 EBADF (Bad file descriptor) [pid 1108] close(11) = -1 EBADF (Bad file descriptor) [pid 1108] close(12) = -1 EBADF (Bad file descriptor) [pid 1108] close(13) = -1 EBADF (Bad file descriptor) [pid 1108] close(14) = -1 EBADF (Bad file descriptor) [pid 1108] close(15) = -1 EBADF (Bad file descriptor) [pid 1108] close(16) = -1 EBADF (Bad file descriptor) [pid 1108] close(17) = -1 EBADF (Bad file descriptor) [pid 1108] close(18) = -1 EBADF (Bad file descriptor) [pid 1108] close(19) = -1 EBADF (Bad file descriptor) [pid 1108] close(20) = -1 EBADF (Bad file descriptor) [pid 1108] close(21) = -1 EBADF (Bad file descriptor) [pid 1108] close(22) = -1 EBADF (Bad file descriptor) [pid 1108] close(23) = -1 EBADF (Bad file descriptor) [pid 1108] close(24) = -1 EBADF (Bad file descriptor) [pid 1108] close(25) = -1 EBADF (Bad file descriptor) [pid 1108] close(26) = -1 EBADF (Bad file descriptor) [pid 1108] close(27) = -1 EBADF (Bad file descriptor) [pid 1108] close(28) = -1 EBADF (Bad file descriptor) [pid 1108] close(29) = -1 EBADF (Bad file descriptor) [pid 1108] exit_group(0 [pid 1109] <... futex resumed>) = ? [pid 1108] <... exit_group resumed>) = ? [pid 1109] +++ exited with 0 +++ [ 55.374566][ T1111] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 55.390346][ T1111] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 55.399353][ T1111] F2FS-fs (loop0): fault_injection options not supported [ 55.407147][ T1109] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 1108] +++ exited with 0 +++ [pid 1118] <... write resumed>) = 20699119 [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=5, si_stime=20} --- [pid 1118] munmap(0x7fc71771c000, 138412032 [pid 297] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, [pid 1118] <... munmap resumed>) = 0 [pid 297] <... getdents64 resumed>0x55558757a730 /* 4 entries */, 32768) = 112 [pid 1118] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 297] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1118] <... openat resumed>) = 4 [pid 1118] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1118] close(3) = 0 [pid 1118] close(4) = 0 [pid 1118] mkdir("./file4", 0777) = 0 [pid 1118] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1116] <... write resumed>) = 20699119 [pid 1116] munmap(0x7fc71771c000, 138412032) = 0 [pid 1116] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1116] ioctl(4, LOOP_SET_FD, 3) = 0 [ 55.431041][ T1111] F2FS-fs (loop0): fault_type options not supported [ 55.449657][ T1118] loop2: detected capacity change from 0 to 40427 [ 55.465204][ T1118] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 55.472975][ T1116] loop3: detected capacity change from 0 to 40427 [pid 1116] close(3) = 0 [pid 1116] close(4) = 0 [pid 1116] mkdir("./file4", 0777) = 0 [ 55.480874][ T1111] F2FS-fs (loop0): invalid crc value [ 55.482235][ T1118] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 55.488319][ T1116] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 55.515488][ T1111] F2FS-fs (loop0): Found nat_bits in checkpoint [ 55.530465][ T1118] F2FS-fs (loop2): fault_injection options not supported [ 55.530471][ T1116] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 55.530525][ T1116] F2FS-fs (loop3): fault_injection options not supported [ 55.553601][ T1118] F2FS-fs (loop2): fault_type options not supported [ 55.570675][ T1118] F2FS-fs (loop2): invalid crc value [pid 1116] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1111] <... mount resumed>) = 0 [pid 1111] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1111] chdir("./file4") = 0 [pid 1111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1111] ioctl(4, LOOP_CLR_FD) = 0 [pid 1111] close(4) = 0 [pid 1111] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1111] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1110] <... futex resumed>) = 0 [pid 1110] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1111] <... futex resumed>) = 0 [pid 1111] fspick(AT_FDCWD, ".", 0) = 4 [pid 1111] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1111] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1110] <... futex resumed>) = 0 [ 55.576281][ T1116] F2FS-fs (loop3): fault_type options not supported [ 55.584692][ T1111] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 55.593305][ T1111] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 55.601298][ T1116] F2FS-fs (loop3): invalid crc value [ 55.618775][ T1118] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 1110] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1111] <... futex resumed>) = 0 [pid 1110] <... futex resumed>) = 1 [pid 1111] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1111] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1111] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1110] <... futex resumed>) = 0 [pid 1110] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1111] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1111] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1110] <... futex resumed>) = 0 [pid 1110] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1110] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1111] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1111] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1111] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1110] <... futex resumed>) = 0 [pid 1110] close(3) = 0 [pid 1110] close(4) = 0 [pid 1110] close(5) = 0 [pid 1110] close(6) = -1 EBADF (Bad file descriptor) [pid 1110] close(7) = -1 EBADF (Bad file descriptor) [pid 1110] close(8) = -1 EBADF (Bad file descriptor) [pid 1110] close(9) = -1 EBADF (Bad file descriptor) [pid 1110] close(10) = -1 EBADF (Bad file descriptor) [pid 1110] close(11) = -1 EBADF (Bad file descriptor) [pid 1110] close(12) = -1 EBADF (Bad file descriptor) [pid 1110] close(13) = -1 EBADF (Bad file descriptor) [pid 1110] close(14) = -1 EBADF (Bad file descriptor) [pid 1110] close(15) = -1 EBADF (Bad file descriptor) [pid 1110] close(16) = -1 EBADF (Bad file descriptor) [pid 1110] close(17) = -1 EBADF (Bad file descriptor) [pid 1110] close(18) = -1 EBADF (Bad file descriptor) [pid 1110] close(19) = -1 EBADF (Bad file descriptor) [pid 1110] close(20) = -1 EBADF (Bad file descriptor) [ 55.625994][ T1111] F2FS-fs (loop0): switch discard_unit option is not allowed [pid 1110] close(21) = -1 EBADF (Bad file descriptor) [pid 1110] close(22) = -1 EBADF (Bad file descriptor) [pid 1110] close(23) = -1 EBADF (Bad file descriptor) [pid 1110] close(24) = -1 EBADF (Bad file descriptor) [pid 1110] close(25) = -1 EBADF (Bad file descriptor) [pid 1110] close(26) = -1 EBADF (Bad file descriptor) [pid 1110] close(27) = -1 EBADF (Bad file descriptor) [pid 1110] close(28) = -1 EBADF (Bad file descriptor) [pid 1110] close(29) = -1 EBADF (Bad file descriptor) [pid 1110] exit_group(0) = ? [pid 1111] <... futex resumed>) = ? [pid 1111] +++ exited with 0 +++ [pid 1110] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=55, si_uid=0, si_status=0, si_utime=7, si_stime=20} --- [pid 294] restart_syscall(<... resuming interrupted clone ...> [pid 1125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 294] <... restart_syscall resumed>) = 0 [pid 294] umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 294] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./27/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./27/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./27/file4") = 0 [pid 297] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./27/binderfs") = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./27") = 0 [pid 297] mkdir("./28", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 55.652454][ T1116] F2FS-fs (loop3): Found nat_bits in checkpoint [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 58 ./strace-static-x86_64: Process 1136 attached [pid 1136] set_robust_list(0x5555875796a0, 24) = 0 [pid 1136] chdir("./28") = 0 [pid 1136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1136] setpgid(0, 0) = 0 executing program [pid 1136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1136] write(3, "1000", 4) = 4 [pid 1136] close(3) = 0 [pid 1136] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1136] write(1, "executing program\n", 18) = 18 [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1136] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1136] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1136] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1136] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1136] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[59]}, 88) = 59 [pid 1136] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1136] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1138 attached [pid 1138] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1138] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1138] memfd_create("syzkaller", 0) = 3 [pid 1138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1118] <... mount resumed>) = 0 [pid 1118] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1118] chdir("./file4") = 0 [pid 1118] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1118] ioctl(4, LOOP_CLR_FD) = 0 [pid 1118] close(4) = 0 [pid 1118] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1118] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1113] <... futex resumed>) = 0 [pid 1113] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1118] <... futex resumed>) = 0 [pid 1113] <... futex resumed>) = 1 [pid 1118] fspick(AT_FDCWD, ".", 0) = 4 [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1118] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1113] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1118] <... futex resumed>) = 0 [pid 1118] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1113] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1118] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1118] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1113] <... futex resumed>) = 0 [ 55.730821][ T1118] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 55.746530][ T1118] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 55.754731][ T1116] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 55.768551][ T1116] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1118] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1118] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1113] <... futex resumed>) = 0 [pid 1118] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1113] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1118] <... futex resumed>) = 0 [pid 1113] <... futex resumed>) = 1 [pid 1118] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1118] <... open resumed>) = 5 [pid 1118] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1113] <... futex resumed>) = 0 [pid 1118] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1113] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1118] <... futex resumed>) = 0 [pid 1113] <... futex resumed>) = 1 [pid 1118] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1113] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1118] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1113] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1118] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1113] close(3) = 0 [pid 1113] close(4) = 0 [pid 1113] close(5) = 0 [pid 1113] close(6) = -1 EBADF (Bad file descriptor) [pid 1113] close(7) = -1 EBADF (Bad file descriptor) [pid 1113] close(8) = -1 EBADF (Bad file descriptor) [pid 1113] close(9) = -1 EBADF (Bad file descriptor) [pid 1113] close(10) = -1 EBADF (Bad file descriptor) [pid 1113] close(11) = -1 EBADF (Bad file descriptor) [pid 1113] close(12) = -1 EBADF (Bad file descriptor) [pid 1113] close(13) = -1 EBADF (Bad file descriptor) [pid 1113] close(14) = -1 EBADF (Bad file descriptor) [pid 1113] close(15) = -1 EBADF (Bad file descriptor) [pid 1113] close(16) = -1 EBADF (Bad file descriptor) [pid 1113] close(17) = -1 EBADF (Bad file descriptor) [pid 1113] close(18) = -1 EBADF (Bad file descriptor) [pid 1113] close(19) = -1 EBADF (Bad file descriptor) [pid 1113] close(20) = -1 EBADF (Bad file descriptor) [pid 1113] close(21) = -1 EBADF (Bad file descriptor) [pid 1113] close(22) = -1 EBADF (Bad file descriptor) [pid 1113] close(23) = -1 EBADF (Bad file descriptor) [pid 1113] close(24) = -1 EBADF (Bad file descriptor) [pid 1113] close(25) = -1 EBADF (Bad file descriptor) [pid 1113] close(26) = -1 EBADF (Bad file descriptor) [pid 1113] close(27) = -1 EBADF (Bad file descriptor) [pid 1113] close(28) = -1 EBADF (Bad file descriptor) [pid 1113] close(29) = -1 EBADF (Bad file descriptor) [pid 1113] exit_group(0 [pid 1118] <... futex resumed>) = ? [pid 1113] <... exit_group resumed>) = ? [pid 1118] +++ exited with 0 +++ [pid 1113] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=57, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 293] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 293] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 293] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1116] <... mount resumed>) = 0 [pid 294] <... umount2 resumed>) = 0 [pid 1116] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 294] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1116] <... openat resumed>) = 3 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1116] chdir("./file4" [pid 294] newfstatat(AT_FDCWD, "./26/file4", [pid 1116] <... chdir resumed>) = 0 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 1116] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 294] umount2("./26/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1116] <... openat resumed>) = 4 [pid 294] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1116] ioctl(4, LOOP_CLR_FD [pid 294] openat(AT_FDCWD, "./26/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 1116] <... ioctl resumed>) = 0 [pid 294] <... openat resumed>) = 4 [pid 1116] close(4 [pid 294] newfstatat(4, "", [pid 1116] <... close resumed>) = 0 [pid 1116] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 1116] <... futex resumed>) = 1 [pid 1112] <... futex resumed>) = 0 [pid 1116] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1112] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] getdents64(4, [pid 1116] fspick(AT_FDCWD, ".", 0 [pid 1112] <... futex resumed>) = 0 [pid 1116] <... fspick resumed>) = 4 [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... getdents64 resumed>0x555587582770 /* 2 entries */, 32768) = 48 [pid 1116] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1112] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 294] getdents64(4, [pid 1116] <... futex resumed>) = 0 [pid 1112] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 294] <... getdents64 resumed>0x555587582770 /* 0 entries */, 32768) = 0 [pid 1116] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1112] <... futex resumed>) = 0 [ 55.783060][ T1118] F2FS-fs (loop2): switch discard_unit option is not allowed [pid 294] close(4 [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 294] <... close resumed>) = 0 [pid 294] rmdir("./26/file4") = 0 [pid 294] umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./26/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./26") = 0 [pid 294] mkdir("./27", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 57 ./strace-static-x86_64: Process 1140 attached [pid 1140] set_robust_list(0x5555875796a0, 24 [pid 1116] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1116] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1112] <... futex resumed>) = 0 [pid 1116] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1112] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1116] <... open resumed>) = 5 [pid 1140] <... set_robust_list resumed>) = 0 [pid 1140] chdir("./27") = 0 [pid 1140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1140] setpgid(0, 0 [pid 1116] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1112] <... futex resumed>) = 0 [pid 1116] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1112] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1112] <... futex resumed>) = 0 [pid 1116] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1112] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1116] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1116] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1112] <... futex resumed>) = 0 [pid 1116] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1112] close(3) = 0 [pid 1112] close(4) = 0 [pid 1112] close(5) = 0 [pid 1112] close(6) = -1 EBADF (Bad file descriptor) [pid 1112] close(7) = -1 EBADF (Bad file descriptor) [pid 1112] close(8) = -1 EBADF (Bad file descriptor) [pid 1112] close(9) = -1 EBADF (Bad file descriptor) [pid 1112] close(10) = -1 EBADF (Bad file descriptor) [pid 1112] close(11) = -1 EBADF (Bad file descriptor) [pid 1112] close(12) = -1 EBADF (Bad file descriptor) [pid 1112] close(13) = -1 EBADF (Bad file descriptor) [pid 1112] close(14) = -1 EBADF (Bad file descriptor) [pid 1112] close(15) = -1 EBADF (Bad file descriptor) [pid 1112] close(16) = -1 EBADF (Bad file descriptor) [pid 1112] close(17) = -1 EBADF (Bad file descriptor) [pid 1112] close(18) = -1 EBADF (Bad file descriptor) [pid 1112] close(19) = -1 EBADF (Bad file descriptor) [pid 1112] close(20) = -1 EBADF (Bad file descriptor) [pid 1112] close(21) = -1 EBADF (Bad file descriptor) [pid 1112] close(22) = -1 EBADF (Bad file descriptor) [pid 1112] close(23) = -1 EBADF (Bad file descriptor) [pid 1112] close(24) = -1 EBADF (Bad file descriptor) [pid 1112] close(25 [pid 1125] <... write resumed>) = 20699119 [pid 1112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1125] munmap(0x7fc71771c000, 138412032 [pid 1112] close(26) = -1 EBADF (Bad file descriptor) [pid 1140] <... setpgid resumed>) = 0 [pid 1112] close(27 [pid 1140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1140] write(3, "1000", 4 [pid 1125] <... munmap resumed>) = 0 [pid 1112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1125] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1112] close(28 [pid 1125] <... openat resumed>) = 4 [pid 1140] <... write resumed>) = 4 [pid 1125] ioctl(4, LOOP_SET_FD, 3 [pid 1112] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 1140] close(3) = 0 [pid 1140] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 1140] write(1, "executing program\n", 18) = 18 [ 55.831962][ T1116] F2FS-fs (loop3): switch discard_unit option is not allowed [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1140] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1140] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1140] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[58]}, 88) = 58 [pid 1140] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1140] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1112] close(29) = -1 EBADF (Bad file descriptor) ./strace-static-x86_64: Process 1141 attached [pid 1112] exit_group(0 [pid 1116] <... futex resumed>) = ? [pid 1112] <... exit_group resumed>) = ? [pid 1116] +++ exited with 0 +++ [pid 1141] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1112] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=5, si_stime=17} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 1141] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 298] <... restart_syscall resumed>) = 0 [pid 298] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 298] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [pid 298] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1125] <... ioctl resumed>) = 0 [pid 1125] close(3) = 0 [pid 1125] close(4) = 0 [pid 1125] mkdir("./file4", 0777) = 0 [pid 1125] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1141] memfd_create("syzkaller", 0) = 3 [pid 1141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 55.881419][ T1125] loop4: detected capacity change from 0 to 40427 [ 55.899760][ T1125] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 55.917759][ T1125] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 55.939600][ T1125] F2FS-fs (loop4): fault_injection options not supported [ 55.957776][ T1125] F2FS-fs (loop4): fault_type options not supported [ 55.981106][ T1125] F2FS-fs (loop4): invalid crc value [ 56.001155][ T1125] F2FS-fs (loop4): Found nat_bits in checkpoint [pid 1138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./27/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./27/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./27/file4") = 0 [pid 293] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./27/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3) = 0 [pid 293] rmdir("./27") = 0 [pid 293] mkdir("./28", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 59 [pid 1125] <... mount resumed>) = 0 [pid 1125] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1125] chdir("./file4") = 0 [pid 1125] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1125] ioctl(4, LOOP_CLR_FD) = 0 [pid 1125] close(4) = 0 [pid 1125] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] <... futex resumed>) = 0 [pid 1124] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1125] <... futex resumed>) = 1 [pid 1125] fspick(AT_FDCWD, ".", 0) = 4 [pid 1125] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] <... futex resumed>) = 0 [pid 1124] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1125] <... futex resumed>) = 1 [pid 1125] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0./strace-static-x86_64: Process 1146 attached [pid 1146] set_robust_list(0x5555875796a0, 24) = 0 [pid 1146] chdir("./28") = 0 [pid 1146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1146] setpgid(0, 0) = 0 [pid 1146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1146] write(3, "1000", 4) = 4 [pid 1146] close(3) = 0 [pid 1146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1146] write(1, "executing program\n", 18executing program ) = 18 [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1146] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1146] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1146] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1146] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1146] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1146] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[60]}, 88) = 60 [pid 1146] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1146] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1147 attached [pid 298] <... umount2 resumed>) = 0 [pid 1125] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1125] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] <... futex resumed>) = 0 [pid 1124] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1125] <... futex resumed>) = 1 [pid 1125] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1147] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1125] <... open resumed>) = 5 [pid 1125] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] <... futex resumed>) = 0 [pid 1124] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1124] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1125] <... futex resumed>) = 1 [pid 1125] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1125] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1124] <... futex resumed>) = 0 [pid 1124] close(3) = 0 [pid 1124] close(4) = 0 [pid 1124] close(5) = 0 [pid 1124] close(6) = -1 EBADF (Bad file descriptor) [pid 1124] close(7) = -1 EBADF (Bad file descriptor) [pid 1124] close(8) = -1 EBADF (Bad file descriptor) [pid 1124] close(9) = -1 EBADF (Bad file descriptor) [pid 1124] close(10) = -1 EBADF (Bad file descriptor) [pid 1124] close(11) = -1 EBADF (Bad file descriptor) [pid 1124] close(12) = -1 EBADF (Bad file descriptor) [pid 1124] close(13) = -1 EBADF (Bad file descriptor) [pid 1124] close(14) = -1 EBADF (Bad file descriptor) [pid 1124] close(15) = -1 EBADF (Bad file descriptor) [pid 1124] close(16) = -1 EBADF (Bad file descriptor) [pid 1124] close(17) = -1 EBADF (Bad file descriptor) [pid 1124] close(18) = -1 EBADF (Bad file descriptor) [pid 1124] close(19) = -1 EBADF (Bad file descriptor) [pid 1124] close(20) = -1 EBADF (Bad file descriptor) [pid 1124] close(21) = -1 EBADF (Bad file descriptor) [pid 1124] close(22) = -1 EBADF (Bad file descriptor) [pid 1124] close(23) = -1 EBADF (Bad file descriptor) [pid 1124] close(24) = -1 EBADF (Bad file descriptor) [pid 1124] close(25) = -1 EBADF (Bad file descriptor) [pid 1124] close(26) = -1 EBADF (Bad file descriptor) [pid 1124] close(27) = -1 EBADF (Bad file descriptor) [pid 1124] close(28) = -1 EBADF (Bad file descriptor) [pid 1124] close(29) = -1 EBADF (Bad file descriptor) [pid 1124] exit_group(0) = ? [pid 1147] rt_sigprocmask(SIG_SETMASK, [], [pid 1125] <... futex resumed>) = ? [pid 1147] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 298] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1147] memfd_create("syzkaller", 0) = 3 [pid 298] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 1147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 298] newfstatat(AT_FDCWD, "./27/file4", [pid 1147] <... mmap resumed>) = 0x7fc71771c000 [pid 1125] +++ exited with 0 +++ [pid 1124] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=56, si_uid=0, si_status=0, si_utime=3, si_stime=18} --- [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 56.079237][ T1125] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 56.094936][ T1125] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 56.115121][ T1125] F2FS-fs (loop4): switch discard_unit option is not allowed [pid 299] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 298] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] openat(AT_FDCWD, "./27/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 298] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 298] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 298] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 298] close(4) = 0 [pid 298] rmdir("./27/file4") = 0 [pid 298] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 298] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 298] unlink("./27/binderfs") = 0 [pid 298] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 298] close(3) = 0 [pid 298] rmdir("./27") = 0 [pid 298] mkdir("./28", 0777) = 0 [pid 298] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 298] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 298] close(3) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 58 ./strace-static-x86_64: Process 1148 attached [pid 1148] set_robust_list(0x5555875796a0, 24) = 0 [pid 1148] chdir("./28") = 0 [pid 1148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1148] setpgid(0, 0) = 0 [pid 1148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1148] write(3, "1000", 4) = 4 [pid 1148] close(3) = 0 [pid 1148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1148] write(1, "executing program\n", 18executing program ) = 18 [pid 1148] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1148] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1148] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1148] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1148] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} [pid 1138] <... write resumed>) = 20699119 [pid 1148] <... clone3 resumed> => {parent_tid=[59]}, 88) = 59 [pid 1148] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1148] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1138] munmap(0x7fc71771c000, 138412032) = 0 [pid 1138] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 56.153133][ T299] bio_check_eod: 14 callbacks suppressed [ 56.153155][ T299] syz-executor248: attempt to access beyond end of device [ 56.153155][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 1138] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 1149 attached [pid 1149] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1149] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1149] memfd_create("syzkaller", 0) = 3 [pid 1149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1138] <... ioctl resumed>) = 0 [pid 1138] close(3) = 0 [pid 1138] close(4) = 0 [pid 1138] mkdir("./file4", 0777) = 0 [ 56.204745][ T1138] loop1: detected capacity change from 0 to 40427 [ 56.233238][ T1138] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 56.250713][ T1138] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [pid 1138] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 56.290379][ T1138] F2FS-fs (loop1): fault_injection options not supported [ 56.328409][ T1138] F2FS-fs (loop1): fault_type options not supported [pid 1147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1141] <... write resumed>) = 20699119 [pid 1141] munmap(0x7fc71771c000, 138412032) = 0 [pid 1141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 56.336267][ T1138] F2FS-fs (loop1): invalid crc value [pid 1141] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1141] close(3) = 0 [pid 1141] close(4) = 0 [pid 1141] mkdir("./file4", 0777) = 0 [ 56.374159][ T1141] loop0: detected capacity change from 0 to 40427 [ 56.380821][ T1138] F2FS-fs (loop1): Found nat_bits in checkpoint [ 56.403827][ T1141] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [pid 1141] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 56.420551][ T1141] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [pid 1149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./27/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./27/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./27/file4") = 0 [pid 299] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./27/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./27") = 0 [pid 299] mkdir("./28", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 58 ./strace-static-x86_64: Process 1153 attached [pid 1153] set_robust_list(0x5555875796a0, 24) = 0 [pid 1153] chdir("./28") = 0 [pid 1153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1153] setpgid(0, 0) = 0 [pid 1153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1153] write(3, "1000", 4) = 4 [pid 1153] close(3) = 0 [pid 1153] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 1153] write(1, "executing program\n", 18) = 18 [pid 1153] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1153] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1153] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1153] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1153] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[59]}, 88) = 59 [pid 1153] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1153] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1147] <... write resumed>) = 20699119 [ 56.450987][ T1141] F2FS-fs (loop0): fault_injection options not supported [ 56.458081][ T1141] F2FS-fs (loop0): fault_type options not supported [ 56.485847][ T1141] F2FS-fs (loop0): invalid crc value [pid 1147] munmap(0x7fc71771c000, 138412032./strace-static-x86_64: Process 1156 attached [pid 1156] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1156] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1147] <... munmap resumed>) = 0 [pid 1156] memfd_create("syzkaller", 0) = 3 [pid 1156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1147] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1147] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 1147] close(3) = 0 [pid 1138] <... mount resumed>) = 0 [pid 1147] close(4) = 0 [pid 1138] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 1147] mkdir("./file4", 0777) = 0 [pid 1138] <... openat resumed>) = 3 [pid 1147] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [ 56.501673][ T1141] F2FS-fs (loop0): Found nat_bits in checkpoint [ 56.518676][ T1138] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 56.525897][ T1147] loop2: detected capacity change from 0 to 40427 [ 56.532514][ T1138] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 56.542049][ T1147] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [pid 1138] chdir("./file4") = 0 [pid 1138] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1138] ioctl(4, LOOP_CLR_FD) = 0 [pid 1138] close(4) = 0 [pid 1138] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1136] <... futex resumed>) = 0 [pid 1138] fspick(AT_FDCWD, ".", 0 [pid 1136] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1138] <... fspick resumed>) = 4 [pid 1138] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1136] <... futex resumed>) = 0 [pid 1138] <... futex resumed>) = 0 [pid 1138] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 1136] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1138] <... futex resumed>) = 0 [pid 1138] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) = -1 EINVAL (Invalid argument) [ 56.549019][ T1147] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 56.558107][ T1147] F2FS-fs (loop2): fault_injection options not supported [ 56.580393][ T1138] F2FS-fs (loop1): switch discard_unit option is not allowed [pid 1138] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1138] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1136] <... futex resumed>) = 0 [pid 1136] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1138] <... futex resumed>) = 0 [pid 1136] <... futex resumed>) = 1 [pid 1138] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1138] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1138] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1136] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1136] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1138] <... futex resumed>) = 0 [pid 1136] <... futex resumed>) = 1 [pid 1138] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1138] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1138] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1136] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 1136] close(3) = 0 [pid 1136] close(4) = 0 [pid 1136] close(5) = 0 [pid 1136] close(6) = -1 EBADF (Bad file descriptor) [pid 1136] close(7) = -1 EBADF (Bad file descriptor) [pid 1136] close(8) = -1 EBADF (Bad file descriptor) [pid 1136] close(9) = -1 EBADF (Bad file descriptor) [pid 1136] close(10) = -1 EBADF (Bad file descriptor) [pid 1136] close(11) = -1 EBADF (Bad file descriptor) [pid 1136] close(12) = -1 EBADF (Bad file descriptor) [pid 1136] close(13) = -1 EBADF (Bad file descriptor) [pid 1136] close(14) = -1 EBADF (Bad file descriptor) [pid 1136] close(15) = -1 EBADF (Bad file descriptor) [pid 1136] close(16) = -1 EBADF (Bad file descriptor) [pid 1136] close(17) = -1 EBADF (Bad file descriptor) [pid 1136] close(18) = -1 EBADF (Bad file descriptor) [pid 1136] close(19) = -1 EBADF (Bad file descriptor) [pid 1136] close(20) = -1 EBADF (Bad file descriptor) [pid 1136] close(21) = -1 EBADF (Bad file descriptor) [pid 1136] close(22) = -1 EBADF (Bad file descriptor) [pid 1136] close(23) = -1 EBADF (Bad file descriptor) [pid 1136] close(24) = -1 EBADF (Bad file descriptor) [pid 1136] close(25) = -1 EBADF (Bad file descriptor) [pid 1136] close(26) = -1 EBADF (Bad file descriptor) [pid 1136] close(27) = -1 EBADF (Bad file descriptor) [pid 1136] close(28) = -1 EBADF (Bad file descriptor) [pid 1136] close(29) = -1 EBADF (Bad file descriptor) [pid 1136] exit_group(0 [pid 1138] <... futex resumed>) = ? [pid 1136] <... exit_group resumed>) = ? [pid 1138] +++ exited with 0 +++ [pid 1136] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=58, si_uid=0, si_status=0, si_utime=7, si_stime=17} --- [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 297] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 297] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 56.602079][ T1147] F2FS-fs (loop2): fault_type options not supported [ 56.618895][ T1141] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 56.631500][ T297] syz-executor248: attempt to access beyond end of device [ 56.631500][ T297] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [pid 297] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1149] <... write resumed>) = 20699119 [pid 1141] <... mount resumed>) = 0 [pid 1149] munmap(0x7fc71771c000, 138412032) = 0 [pid 1149] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 1141] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY [pid 1149] <... openat resumed>) = 4 [pid 1149] ioctl(4, LOOP_SET_FD, 3 [pid 1141] <... openat resumed>) = 3 [pid 1141] chdir("./file4") = 0 [pid 1141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1141] ioctl(4, LOOP_CLR_FD) = 0 [pid 1141] close(4 [pid 1156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1141] <... close resumed>) = 0 [pid 1141] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1140] <... futex resumed>) = 0 [pid 1141] <... futex resumed>) = 1 [pid 1140] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1141] fspick(AT_FDCWD, ".", 0 [pid 1140] <... futex resumed>) = 0 [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1141] <... fspick resumed>) = 4 [pid 1141] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1140] <... futex resumed>) = 0 [pid 1140] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 56.637023][ T1141] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 56.654070][ T1147] F2FS-fs (loop2): invalid crc value [ 56.666773][ T1149] loop3: detected capacity change from 0 to 40427 [ 56.678440][ T1147] F2FS-fs (loop2): Found nat_bits in checkpoint [pid 1141] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1149] <... ioctl resumed>) = 0 [pid 1149] close(3) = 0 [pid 1149] close(4) = 0 [pid 1149] mkdir("./file4", 0777) = 0 [pid 1149] mount("/dev/loop3", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1141] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1141] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1140] <... futex resumed>) = 0 [pid 1140] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1141] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000 [pid 1140] <... futex resumed>) = 0 [pid 1141] <... open resumed>) = 5 [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1141] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1140] <... futex resumed>) = 0 [pid 1141] <... futex resumed>) = 1 [pid 1140] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1141] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1140] <... futex resumed>) = 0 [pid 1140] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1141] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1141] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1140] <... futex resumed>) = 0 [pid 1141] <... futex resumed>) = 1 [pid 1140] close(3 [pid 1141] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1140] <... close resumed>) = 0 [pid 1140] close(4) = 0 [pid 1140] close(5) = 0 [pid 1140] close(6) = -1 EBADF (Bad file descriptor) [pid 1140] close(7) = -1 EBADF (Bad file descriptor) [pid 1140] close(8) = -1 EBADF (Bad file descriptor) [pid 1140] close(9) = -1 EBADF (Bad file descriptor) [pid 1140] close(10) = -1 EBADF (Bad file descriptor) [pid 1140] close(11) = -1 EBADF (Bad file descriptor) [pid 1140] close(12) = -1 EBADF (Bad file descriptor) [pid 1140] close(13) = -1 EBADF (Bad file descriptor) [pid 1140] close(14) = -1 EBADF (Bad file descriptor) [pid 1140] close(15) = -1 EBADF (Bad file descriptor) [pid 1140] close(16) = -1 EBADF (Bad file descriptor) [pid 1140] close(17) = -1 EBADF (Bad file descriptor) [pid 1140] close(18) = -1 EBADF (Bad file descriptor) [pid 1140] close(19) = -1 EBADF (Bad file descriptor) [pid 1140] close(20) = -1 EBADF (Bad file descriptor) [pid 1140] close(21) = -1 EBADF (Bad file descriptor) [pid 1140] close(22) = -1 EBADF (Bad file descriptor) [pid 1140] close(23) = -1 EBADF (Bad file descriptor) [pid 1140] close(24) = -1 EBADF (Bad file descriptor) [pid 1140] close(25) = -1 EBADF (Bad file descriptor) [pid 1140] close(26) = -1 EBADF (Bad file descriptor) [pid 1140] close(27) = -1 EBADF (Bad file descriptor) [pid 1140] close(28) = -1 EBADF (Bad file descriptor) [pid 1140] close(29) = -1 EBADF (Bad file descriptor) [pid 1140] exit_group(0) = ? [pid 1141] <... futex resumed>) = ? [pid 1141] +++ exited with 0 +++ [pid 1140] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=57, si_uid=0, si_status=0, si_utime=6, si_stime=20} --- [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 294] umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 294] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 56.699594][ T1141] F2FS-fs (loop0): switch discard_unit option is not allowed [ 56.715017][ T1149] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 56.730363][ T1149] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 56.765600][ T294] syz-executor248: attempt to access beyond end of device [ 56.765600][ T294] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 56.772905][ T1147] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 56.787184][ T1149] F2FS-fs (loop3): fault_injection options not supported [ 56.794576][ T1147] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 56.796628][ T1149] F2FS-fs (loop3): fault_type options not supported [pid 294] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1147] <... mount resumed>) = 0 [pid 1147] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1147] chdir("./file4") = 0 [pid 1147] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 1147] ioctl(4, LOOP_CLR_FD) = 0 [pid 1147] close(4) = 0 [pid 1147] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1146] <... futex resumed>) = 0 [pid 1147] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1146] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1147] <... futex resumed>) = 0 [pid 1147] fspick(AT_FDCWD, ".", 0) = 4 [pid 1147] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1146] <... futex resumed>) = 0 [pid 1147] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1146] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1147] <... futex resumed>) = 0 [pid 1146] <... futex resumed>) = 1 [pid 1147] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [ 56.825622][ T1149] F2FS-fs (loop3): invalid crc value [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 297] <... umount2 resumed>) = 0 [pid 297] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./28/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] openat(AT_FDCWD, "./28/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 297] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 297] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 297] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 297] close(4) = 0 [pid 297] rmdir("./28/file4") = 0 [pid 297] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 297] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 297] unlink("./28/binderfs" [pid 1156] <... write resumed>) = 20699119 [pid 297] <... unlink resumed>) = 0 [pid 297] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 297] close(3) = 0 [pid 297] rmdir("./28") = 0 [pid 297] mkdir("./29", 0777) = 0 [pid 297] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 297] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 297] close(3) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 60 ./strace-static-x86_64: Process 1167 attached [pid 1167] set_robust_list(0x5555875796a0, 24) = 0 [pid 1167] chdir("./29") = 0 [pid 1167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1167] setpgid(0, 0) = 0 [pid 1167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1167] write(3, "1000", 4) = 4 [pid 1167] close(3) = 0 [pid 1167] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1167] write(1, "executing program\n", 18executing program ) = 18 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1156] munmap(0x7fc71771c000, 138412032 [pid 1147] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1156] <... munmap resumed>) = 0 [pid 1147] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1167] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1167] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1167] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE [pid 1156] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 1147] <... futex resumed>) = 1 [pid 1156] <... openat resumed>) = 4 [pid 1147] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1156] ioctl(4, LOOP_SET_FD, 3 [pid 1146] <... futex resumed>) = 0 [pid 1146] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1167] <... mprotect resumed>) = 0 [pid 1167] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1167] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[61]}, 88) = 61 [pid 1167] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1167] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 1147] <... futex resumed>) = 0 [pid 1147] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000./strace-static-x86_64: Process 1168 attached [pid 1168] set_robust_list(0x7fc71fb3c9a0, 24 [pid 1147] <... open resumed>) = 5 [pid 1147] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1146] <... futex resumed>) = 0 [pid 1147] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1146] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1147] <... futex resumed>) = 0 [pid 1146] <... futex resumed>) = 1 [pid 1147] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1146] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1147] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1146] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 1147] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1146] close(3) = 0 [pid 1146] close(4) = 0 [pid 1146] close(5) = 0 [pid 1146] close(6) = -1 EBADF (Bad file descriptor) [pid 1146] close(7) = -1 EBADF (Bad file descriptor) [pid 1146] close(8) = -1 EBADF (Bad file descriptor) [pid 1146] close(9) = -1 EBADF (Bad file descriptor) [pid 1146] close(10) = -1 EBADF (Bad file descriptor) [pid 1146] close(11) = -1 EBADF (Bad file descriptor) [pid 1146] close(12) = -1 EBADF (Bad file descriptor) [pid 1146] close(13) = -1 EBADF (Bad file descriptor) [pid 1146] close(14) = -1 EBADF (Bad file descriptor) [pid 1146] close(15) = -1 EBADF (Bad file descriptor) [pid 1146] close(16) = -1 EBADF (Bad file descriptor) [pid 1146] close(17) = -1 EBADF (Bad file descriptor) [pid 1146] close(18) = -1 EBADF (Bad file descriptor) [pid 1146] close(19) = -1 EBADF (Bad file descriptor) [pid 1146] close(20) = -1 EBADF (Bad file descriptor) [pid 1146] close(21) = -1 EBADF (Bad file descriptor) [pid 1146] close(22) = -1 EBADF (Bad file descriptor) [pid 1146] close(23) = -1 EBADF (Bad file descriptor) [pid 1146] close(24) = -1 EBADF (Bad file descriptor) [pid 1146] close(25) = -1 EBADF (Bad file descriptor) [pid 1146] close(26) = -1 EBADF (Bad file descriptor) [pid 1146] close(27) = -1 EBADF (Bad file descriptor) [pid 1146] close(28) = -1 EBADF (Bad file descriptor) [pid 1146] close(29) = -1 EBADF (Bad file descriptor) [pid 1146] exit_group(0 [pid 1147] <... futex resumed>) = ? [pid 1146] <... exit_group resumed>) = ? [pid 1168] <... set_robust_list resumed>) = 0 [pid 1168] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1147] +++ exited with 0 +++ [pid 1146] +++ exited with 0 +++ [pid 293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=59, si_uid=0, si_status=0, si_utime=7, si_stime=18} --- [pid 293] restart_syscall(<... resuming interrupted clone ...> [pid 1168] memfd_create("syzkaller", 0) = 3 [pid 1168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 1156] <... ioctl resumed>) = 0 [pid 1168] <... mmap resumed>) = 0x7fc71771c000 [pid 1156] close(3) = 0 [pid 1156] close(4) = 0 [pid 293] <... restart_syscall resumed>) = 0 [pid 1156] mkdir("./file4", 0777) = 0 [pid 293] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 1156] mount("/dev/loop4", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 293] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 56.858620][ T1147] F2FS-fs (loop2): switch discard_unit option is not allowed [ 56.887389][ T1149] F2FS-fs (loop3): Found nat_bits in checkpoint [ 56.896491][ T1156] loop4: detected capacity change from 0 to 40427 [ 56.917491][ T1156] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 56.924877][ T293] syz-executor248: attempt to access beyond end of device [ 56.924877][ T293] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 56.939584][ T1156] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 56.960358][ T1156] F2FS-fs (loop4): fault_injection options not supported [pid 293] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1149] <... mount resumed>) = 0 [pid 1149] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1149] chdir("./file4") = 0 [pid 1149] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 1149] ioctl(4, LOOP_CLR_FD) = 0 [pid 1149] close(4) = 0 [pid 1149] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1148] <... futex resumed>) = 0 [pid 1148] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1149] <... futex resumed>) = 1 [pid 1149] fspick(AT_FDCWD, ".", 0) = 4 [pid 1149] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1148] <... futex resumed>) = 0 [pid 1148] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1149] <... futex resumed>) = 1 [ 56.967773][ T1156] F2FS-fs (loop4): fault_type options not supported [ 56.990669][ T1149] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 56.998398][ T1149] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 57.007109][ T1156] F2FS-fs (loop4): invalid crc value [pid 1149] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 294] <... umount2 resumed>) = 0 [pid 294] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./27/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] umount2("./27/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] openat(AT_FDCWD, "./27/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 294] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 294] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 294] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 294] close(4) = 0 [pid 294] rmdir("./27/file4") = 0 [pid 294] umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 294] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 294] unlink("./27/binderfs") = 0 [pid 294] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 294] close(3) = 0 [pid 294] rmdir("./27") = 0 [pid 294] mkdir("./28", 0777) = 0 [pid 294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 294] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 294] close(3) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 59 ./strace-static-x86_64: Process 1173 attached [pid 1173] set_robust_list(0x5555875796a0, 24) = 0 [pid 1173] chdir("./28") = 0 [pid 1173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1173] setpgid(0, 0) = 0 [pid 1173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1173] write(3, "1000", 4) = 4 [pid 1173] close(3) = 0 [pid 1173] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 1173] write(1, "executing program\n", 18) = 18 [pid 1173] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1173] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1173] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1173] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1173] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1173] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[60]}, 88) = 60 [pid 1173] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1173] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1173] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1174 attached [pid 1174] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1174] rt_sigprocmask(SIG_SETMASK, [], [pid 1148] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1148] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fafb000 [pid 1148] mprotect(0x7fc71fafc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1148] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1148] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb1b990, parent_tid=0x7fc71fb1b990, exit_signal=0, stack=0x7fc71fafb000, stack_size=0x20300, tls=0x7fc71fb1b6c0} => {parent_tid=[60]}, 88) = 60 [pid 1148] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1148] futex(0x7fc71fc0d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] futex(0x7fc71fc0d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 1175 attached [pid 1175] set_robust_list(0x7fc71fb1b9a0, 24) = 0 [pid 1175] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1175] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1174] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 1174] memfd_create("syzkaller", 0) = 3 [pid 1174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [pid 1175] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1148] <... futex resumed>) = 0 [pid 1148] futex(0x7fc71fc0d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1148] futex(0x7fc71fc0d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1175] <... futex resumed>) = 1 [ 57.033630][ T1149] F2FS-fs (loop3): switch discard_unit option is not allowed [ 57.046626][ T1156] F2FS-fs (loop4): Found nat_bits in checkpoint [ 57.091461][ T1175] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 57.103316][ T1175] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 57.111742][ T1175] CPU: 0 PID: 1175 Comm: syz-executor248 Not tainted 6.1.138-syzkaller-00002-g13ff1300ee84 #0 [ 57.121986][ T1175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 57.132048][ T1175] RIP: 0010:update_sit_entry+0x4f9/0x15a0 [ 57.137805][ T1175] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 7e 14 8d ff 48 8b 1b 4c 01 f3 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 55 0f 00 00 44 0f b6 23 44 89 e0 44 08 f8 [ 57.157506][ T1175] RSP: 0018:ffffc90002db6e00 EFLAGS: 00010246 [ 57.163587][ T1175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 57.171565][ T1175] RDX: ffff88811b233cc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 57.179635][ T1175] RBP: ffffc90002db6ed0 R08: ffff88811b233cc0 R09: 0000000000000003 [ 57.187623][ T1175] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000 [ 57.195610][ T1175] R13: ffff888120c9c0c8 R14: 0000000000000000 R15: 0000000000000080 [ 57.203777][ T1175] FS: 00007fc71fb1b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 57.212717][ T1175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.219319][ T1175] CR2: 00007fc71fb1bd58 CR3: 00000001252e3000 CR4: 00000000003506b0 [ 57.227315][ T1175] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.235311][ T1175] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.243393][ T1175] Call Trace: [ 57.246704][ T1175] [ 57.249664][ T1175] ? __kasan_check_write+0x14/0x20 [ 57.254812][ T1175] ? ktime_get_coarse_with_offset+0x153/0x1a0 [ 57.260913][ T1175] f2fs_allocate_data_block+0x148c/0x3af0 [ 57.266762][ T1175] ? __cfi__raw_spin_lock+0x10/0x10 [ 57.272145][ T1175] ? _raw_spin_unlock+0x4c/0x70 [ 57.277044][ T1175] ? f2fs_inode_dirtied+0x308/0x360 [ 57.282283][ T1175] ? __cfi_f2fs_allocate_data_block+0x10/0x10 [pid 1175] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119 [pid 1149] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 293] <... umount2 resumed>) = 0 [pid 293] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./28/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] openat(AT_FDCWD, "./28/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 293] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 293] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 293] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 293] close(4) = 0 [pid 293] rmdir("./28/file4") = 0 [pid 293] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 293] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 293] unlink("./28/binderfs") = 0 [pid 293] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 293] close(3 [pid 1149] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 293] <... close resumed>) = 0 [pid 1149] <... futex resumed>) = 0 [pid 1149] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 293] rmdir("./28") = 0 [pid 293] mkdir("./29", 0777) = 0 [pid 293] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 293] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 293] close(3) = 0 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 61 [pid 1168] <... write resumed>) = 20699119 [pid 1168] munmap(0x7fc71771c000, 138412032) = 0 [pid 1174] <... write resumed>) = 20699119 [pid 1168] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 57.288383][ T1175] ? f2fs_mark_inode_dirty_sync+0x13e/0x1c0 [ 57.294317][ T1175] ? inc_valid_block_count+0x5af/0xa00 [ 57.299908][ T1175] f2fs_map_blocks+0x11a8/0x3a60 [ 57.304984][ T1175] ? __cfi_f2fs_map_blocks+0x10/0x10 [ 57.310308][ T1175] ? do_syscall_64+0x4c/0xa0 [ 57.314935][ T1175] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 57.321038][ T1175] f2fs_iomap_begin+0x1f5/0x920 [ 57.325923][ T1175] ? __cfi_f2fs_iomap_begin+0x10/0x10 [ 57.331333][ T1175] iomap_iter+0x5b7/0xb30 [ 57.331807][ T1168] loop1: detected capacity change from 0 to 40427 [pid 1168] ioctl(4, LOOP_SET_FD, 3executing program [pid 1174] munmap(0x7fc71771c000, 138412032) = 0 [pid 1174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 1174] ioctl(4, LOOP_SET_FD, 3 [pid 1168] <... ioctl resumed>) = 0 [pid 1168] close(3) = 0 [pid 1168] close(4) = 0 [pid 1168] mkdir("./file4", 0777) = 0 [pid 1168] mount("/dev/loop1", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"... [pid 1174] <... ioctl resumed>) = 0 [pid 1174] close(3) = 0 [pid 1174] close(4) = 0 [pid 1174] mkdir("./file4", 0777) = 0 [pid 1174] mount("/dev/loop0", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"..../strace-static-x86_64: Process 1176 attached [pid 1176] set_robust_list(0x5555875796a0, 24) = 0 [pid 1176] chdir("./29") = 0 [pid 1176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 1176] setpgid(0, 0) = 0 [pid 1176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 1176] write(3, "1000", 4) = 4 [pid 1176] close(3) = 0 [pid 1176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 1176] write(1, "executing program\n", 18) = 18 [pid 1176] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1176] rt_sigaction(SIGRT_1, {sa_handler=0x7fc71fba67d0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc71fb97980}, NULL, 8) = 0 [pid 1176] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 1176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fb1c000 [pid 1176] mprotect(0x7fc71fb1d000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb3c990, parent_tid=0x7fc71fb3c990, exit_signal=0, stack=0x7fc71fb1c000, stack_size=0x20300, tls=0x7fc71fb3c6c0} => {parent_tid=[62]}, 88) = 62 [pid 1176] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1176] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1176] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 1178 attached [pid 1178] set_robust_list(0x7fc71fb3c9a0, 24) = 0 [pid 1178] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1178] memfd_create("syzkaller", 0) = 3 [pid 1178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc71771c000 [ 57.335701][ T1175] ? __cfi_f2fs_iomap_begin+0x10/0x10 [ 57.335725][ T1175] __iomap_dio_rw+0xc34/0x1bd0 [ 57.350262][ T1174] loop0: detected capacity change from 0 to 40427 [ 57.352507][ T1175] ? __cfi___iomap_dio_rw+0x10/0x10 [ 57.364117][ T1175] ? down_read_trylock+0x273/0x640 [ 57.369259][ T1175] ? fault_in_readable+0xf3/0x150 [ 57.374411][ T1175] ? fault_in_iov_iter_readable+0x2cd/0x320 [ 57.380331][ T1175] f2fs_file_write_iter+0x1559/0x2550 [ 57.385825][ T1175] ? __cfi_f2fs_file_write_iter+0x10/0x10 [ 57.391563][ T1175] ? kvm_sched_clock_read+0x18/0x40 [ 57.396776][ T1175] ? __this_cpu_preempt_check+0x13/0x20 [ 57.402338][ T1175] ? avc_policy_seqno+0x1b/0x70 [ 57.407211][ T1175] ? fsnotify_perm+0x67/0x5b0 [ 57.412245][ T1175] ? security_file_permission+0x8a/0xb0 [ 57.417886][ T1175] do_iter_write+0x650/0xb10 [ 57.422581][ T1175] ? _copy_from_user+0x8f/0xc0 [ 57.427375][ T1175] ? vfs_iter_write+0xa0/0xa0 [ 57.432078][ T1175] ? import_iovec+0x7c/0xb0 [ 57.436595][ T1175] vfs_writev+0x30b/0x590 [ 57.440936][ T1175] ? do_writev+0x2b0/0x2b0 [ 57.445362][ T1175] ? _raw_spin_lock_irq+0x8f/0xe0 [ 57.450411][ T1175] ? __fdget+0x19c/0x220 [ 57.454670][ T1175] ? __se_sys_pwritev2+0xad/0x2b0 [ 57.459719][ T1175] __se_sys_pwritev2+0x1a9/0x2b0 [ 57.464784][ T1175] ? __x64_sys_pwritev2+0xd0/0xd0 [ 57.469850][ T1175] ? fpregs_restore_userregs+0x128/0x260 [ 57.475600][ T1175] __x64_sys_pwritev2+0xbf/0xd0 [ 57.480923][ T1175] x64_sys_call+0x2d6/0x9a0 [ 57.485452][ T1175] do_syscall_64+0x4c/0xa0 [ 57.489900][ T1175] ? clear_bhb_loop+0x15/0x70 [ 57.494297][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 57.494311][ T28] audit: type=1400 audit(1749554385.228:86): avc: denied { read } for pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 57.494600][ T1175] ? clear_bhb_loop+0x15/0x70 [ 57.500919][ T1168] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 57.522352][ T1175] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 57.522394][ T1175] RIP: 0033:0x7fc71fb80389 [ 57.527083][ T1174] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 57.534021][ T1175] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 57.534048][ T1175] RSP: 002b:00007fc71fb1b208 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [pid 1178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119 [pid 1178] munmap(0x7fc71771c000, 138412032) = 0 [pid 1178] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 57.550738][ T28] audit: type=1400 audit(1749554385.228:87): avc: denied { search } for pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 57.551589][ T1175] RAX: ffffffffffffffda RBX: 00007fc71fc0d6d8 RCX: 00007fc71fb80389 [ 57.571859][ T1174] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 57.579694][ T1175] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000005 [ 57.615016][ T1168] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 57.617246][ T1175] RBP: 00007fc71fc0d6d0 R08: 0000000000000007 R09: 0000000000000003 [pid 1178] ioctl(4, LOOP_SET_FD, 3 [pid 1148] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [ 57.626195][ T1178] loop2: detected capacity change from 0 to 40427 [ 57.633627][ T1175] R10: 0000000000002000 R11: 0000000000000246 R12: 00007fc71fbd982c [ 57.633652][ T1175] R13: 0000200000000000 R14: 0000200000000240 R15: 00002000000005c0 [ 57.633670][ T1175] [ 57.633677][ T1175] Modules linked in: [ 57.656248][ T28] audit: type=1400 audit(1749554385.228:88): avc: denied { write } for pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 57.665116][ T1156] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 57.667511][ T28] audit: type=1400 audit(1749554385.228:89): avc: denied { add_name } for pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 57.692984][ T1156] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [pid 1156] <... mount resumed>) = 0 [pid 1156] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1156] chdir("./file4") = 0 [pid 1156] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 1156] ioctl(4, LOOP_CLR_FD) = 0 [pid 1156] close(4) = 0 [pid 1156] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1153] <... futex resumed>) = 0 [pid 1153] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1156] <... futex resumed>) = 1 [pid 1156] fspick(AT_FDCWD, ".", 0) = 4 [pid 1156] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 1153] <... futex resumed>) = 0 [pid 1153] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1156] <... futex resumed>) = 1 [ 57.700169][ T28] audit: type=1400 audit(1749554385.228:90): avc: denied { create } for pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 57.726335][ T1168] F2FS-fs (loop1): fault_injection options not supported [ 57.728335][ T28] audit: type=1400 audit(1749554385.228:91): avc: denied { append open } for pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 57.749693][ T1174] F2FS-fs (loop0): fault_injection options not supported [ 57.756694][ T28] audit: type=1400 audit(1749554385.228:92): avc: denied { getattr } for pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 57.794901][ T1156] F2FS-fs (loop4): switch discard_unit option is not allowed [ 57.811819][ T1175] ---[ end trace 0000000000000000 ]--- [ 57.821855][ T1175] RIP: 0010:update_sit_entry+0x4f9/0x15a0 [pid 1156] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1153] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 1153] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc71fafb000 [pid 1153] mprotect(0x7fc71fafc000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 1153] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 1153] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7fc71fb1b990, parent_tid=0x7fc71fb1b990, exit_signal=0, stack=0x7fc71fafb000, stack_size=0x20300, tls=0x7fc71fb1b6c0} => {parent_tid=[60]}, 88) = 60 [pid 1153] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1153] futex(0x7fc71fc0d6d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1153] futex(0x7fc71fc0d6dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1178] <... ioctl resumed>) = 0 [pid 1178] close(3) = 0 [pid 1178] close(4) = 0 [pid 1178] mkdir("./file4", 0777) = 0 [pid 1178] mount("/dev/loop2", "./file4", "f2fs", 0, "noinline_xattr,active_logs=4,discard,fault_injection=00000000000000041160,fault_type=000000000000000"..../strace-static-x86_64: Process 1179 attached [pid 1179] set_robust_list(0x7fc71fb1b9a0, 24 [pid 1156] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1156] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 57.827819][ T1175] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 7e 14 8d ff 48 8b 1b 4c 01 f3 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 55 0f 00 00 44 0f b6 23 44 89 e0 44 08 f8 [ 57.827893][ T1168] F2FS-fs (loop1): fault_type options not supported [ 57.847793][ T1175] RSP: 0018:ffffc90002db6e00 EFLAGS: 00010246 [ 57.857966][ T1174] F2FS-fs (loop0): fault_type options not supported [ 57.863794][ T1175] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 57.869359][ T1178] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 57.875723][ T1175] RDX: ffff88811b233cc0 RSI: 0000000000000000 RDI: 0000000000000000 [pid 1156] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1179] <... set_robust_list resumed>) = 0 [pid 1179] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 1179] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1179] futex(0x7fc71fc0d6dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1153] <... futex resumed>) = 0 [pid 1153] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1156] <... futex resumed>) = 0 [pid 1153] <... futex resumed>) = 1 [pid 1179] futex(0x7fc71fc0d6d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1156] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC [pid 1153] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1156] <... pwritev2 resumed>) = -1 EINVAL (Invalid argument) [pid 1156] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1153] <... futex resumed>) = 0 [pid 1156] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1153] close(3) = 0 [pid 1153] close(4) = 0 [pid 1153] close(5) = 0 [pid 1153] close(6) = -1 EBADF (Bad file descriptor) [pid 1153] close(7) = -1 EBADF (Bad file descriptor) [pid 1153] close(8) = -1 EBADF (Bad file descriptor) [pid 1153] close(9) = -1 EBADF (Bad file descriptor) [pid 1153] close(10) = -1 EBADF (Bad file descriptor) [pid 1153] close(11) = -1 EBADF (Bad file descriptor) [pid 1153] close(12) = -1 EBADF (Bad file descriptor) [pid 1153] close(13) = -1 EBADF (Bad file descriptor) [pid 1153] close(14) = -1 EBADF (Bad file descriptor) [pid 1153] close(15) = -1 EBADF (Bad file descriptor) [pid 1153] close(16) = -1 EBADF (Bad file descriptor) [pid 1153] close(17) = -1 EBADF (Bad file descriptor) [pid 1153] close(18) = -1 EBADF (Bad file descriptor) [pid 1153] close(19) = -1 EBADF (Bad file descriptor) [pid 1153] close(20) = -1 EBADF (Bad file descriptor) [pid 1153] close(21) = -1 EBADF (Bad file descriptor) [pid 1153] close(22) = -1 EBADF (Bad file descriptor) [pid 1153] close(23) = -1 EBADF (Bad file descriptor) [pid 1153] close(24) = -1 EBADF (Bad file descriptor) [pid 1153] close(25) = -1 EBADF (Bad file descriptor) [pid 1153] close(26) = -1 EBADF (Bad file descriptor) [pid 1153] close(27) = -1 EBADF (Bad file descriptor) [pid 1153] close(28) = -1 EBADF (Bad file descriptor) [pid 1153] close(29) = -1 EBADF (Bad file descriptor) [pid 1153] exit_group(0 [pid 1179] <... futex resumed>) = ? [pid 1156] <... futex resumed>) = ? [pid 1153] <... exit_group resumed>) = ? [pid 1179] +++ exited with 0 +++ [pid 1156] +++ exited with 0 +++ [pid 1153] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=58, si_uid=0, si_status=0, si_utime=8, si_stime=20} --- [ 57.884192][ T1178] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 57.890971][ T1175] RBP: ffffc90002db6ed0 R08: ffff88811b233cc0 R09: 0000000000000003 [ 57.907612][ T1174] F2FS-fs (loop0): invalid crc value [ 57.909526][ T1178] F2FS-fs (loop2): fault_injection options not supported [ 57.913346][ T1175] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000 [ 57.920176][ T1168] F2FS-fs (loop1): invalid crc value [ 57.928349][ T1175] R13: ffff888120c9c0c8 R14: 0000000000000000 R15: 0000000000000080 [pid 299] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 299] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=80, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(3, 0x55558757a730 /* 4 entries */, 32768) = 112 [ 57.934603][ T1178] F2FS-fs (loop2): fault_type options not supported [ 57.941843][ T1175] FS: 00007fc71fb1b6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 57.957635][ T299] syz-executor248: attempt to access beyond end of device [ 57.957635][ T299] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 57.957818][ T1175] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.979010][ T1174] F2FS-fs (loop0): Found nat_bits in checkpoint [ 57.985894][ T1168] F2FS-fs (loop1): Found nat_bits in checkpoint [ 57.990559][ T1178] F2FS-fs (loop2): invalid crc value [ 57.999700][ T1175] CR2: 00007fc71fb1bd58 CR3: 00000001252e3000 CR4: 00000000003506b0 [ 58.031079][ T1175] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [pid 299] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 1148] close(3) = 0 [pid 1148] close(4) = 0 [pid 1148] close(5) = 0 [pid 1148] close(6) = -1 EBADF (Bad file descriptor) [pid 1148] close(7) = -1 EBADF (Bad file descriptor) [pid 1148] close(8) = -1 EBADF (Bad file descriptor) [pid 1148] close(9) = -1 EBADF (Bad file descriptor) [pid 1148] close(10) = -1 EBADF (Bad file descriptor) [pid 1148] close(11) = -1 EBADF (Bad file descriptor) [pid 1148] close(12) = -1 EBADF (Bad file descriptor) [pid 1148] close(13) = -1 EBADF (Bad file descriptor) [pid 1148] close(14) = -1 EBADF (Bad file descriptor) [pid 1148] close(15) = -1 EBADF (Bad file descriptor) [pid 1148] close(16) = -1 EBADF (Bad file descriptor) [pid 1148] close(17) = -1 EBADF (Bad file descriptor) [pid 1148] close(18) = -1 EBADF (Bad file descriptor) [pid 1148] close(19) = -1 EBADF (Bad file descriptor) [pid 1148] close(20) = -1 EBADF (Bad file descriptor) [pid 1148] close(21) = -1 EBADF (Bad file descriptor) [pid 1148] close(22) = -1 EBADF (Bad file descriptor) [pid 1148] close(23) = -1 EBADF (Bad file descriptor) [pid 1148] close(24) = -1 EBADF (Bad file descriptor) [pid 1148] close(25) = -1 EBADF (Bad file descriptor) [pid 1148] close(26) = -1 EBADF (Bad file descriptor) [pid 1148] close(27) = -1 EBADF (Bad file descriptor) [pid 1148] close(28) = -1 EBADF (Bad file descriptor) [pid 1148] close(29) = -1 EBADF (Bad file descriptor) [pid 1148] exit_group(0 [pid 1149] <... futex resumed>) = ? [pid 1148] <... exit_group resumed>) = ? [pid 1149] +++ exited with 0 +++ [pid 1168] <... mount resumed>) = 0 [pid 1168] openat(AT_FDCWD, "./file4", O_RDONLY|O_DIRECTORY) = 3 [pid 1168] chdir("./file4") = 0 [pid 1168] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 1168] ioctl(4, LOOP_CLR_FD) = 0 [pid 1168] close(4) = 0 [pid 1168] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1168] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1167] <... futex resumed>) = 0 [pid 1167] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1168] <... futex resumed>) = 0 [pid 1167] <... futex resumed>) = 1 [pid 1168] fspick(AT_FDCWD, ".", 0) = 4 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 58.040005][ T1178] F2FS-fs (loop2): Found nat_bits in checkpoint [ 58.064686][ T1168] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 58.076739][ T1168] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 58.080317][ T1175] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [pid 1168] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1168] futex(0x7fc71fc0d6c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 1167] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 299] <... umount2 resumed>) = 0 [pid 299] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./28/file4", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] umount2("./28/file4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] openat(AT_FDCWD, "./28/file4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 299] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=40, ...}, AT_EMPTY_PATH) = 0 [pid 299] getdents64(4, 0x555587582770 /* 2 entries */, 32768) = 48 [pid 299] getdents64(4, 0x555587582770 /* 0 entries */, 32768) = 0 [pid 299] close(4) = 0 [pid 299] rmdir("./28/file4") = 0 [pid 299] umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 299] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 299] unlink("./28/binderfs") = 0 [pid 299] getdents64(3, 0x55558757a730 /* 0 entries */, 32768) = 0 [pid 299] close(3) = 0 [pid 299] rmdir("./28") = 0 [pid 299] mkdir("./29", 0777) = 0 [pid 299] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 299] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 299] close(3) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555587579690) = 61 [pid 1167] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 1168] <... futex resumed>) = 0 [pid 1168] fsconfig(4, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0 [pid 1167] <... futex resumed>) = 1 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1168] <... fsconfig resumed>) = -1 EINVAL (Invalid argument) [pid 1168] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1167] <... futex resumed>) = 0 [pid 1167] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1168] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_DIRECT|O_NOFOLLOW|O_NOATIME, 000) = 5 [pid 1168] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1167] <... futex resumed>) = 0 [pid 1167] futex(0x7fc71fc0d6c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 1167] futex(0x7fc71fc0d6cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 1168] pwritev2(5, [{iov_base="\x00", iov_len=1}], 1, 8192, RWF_HIPRI|RWF_DSYNC) = -1 EINVAL (Invalid argument) [pid 1168] futex(0x7fc71fc0d6cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 1167] <... futex resumed>) = 0 [pid 1167] close(3) = 0 [pid 1167] close(4) = 0 [pid 1167] close(5) = 0 [pid 1167] close(6) = -1 EBADF (Bad file descriptor) [pid 1167] close(7) = -1 EBADF (Bad file descriptor) [pid 1167] close(8) = -1 EBADF (Bad file descriptor) [pid 1167] close(9) = -1 EBADF (Bad file descriptor) [pid 1167] close(10) = -1 EBADF (Bad file descriptor) [ 58.111108][ T1174] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 58.118460][ T1174] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 58.132631][ T1168] F2FS-fs (loop1): switch discard_unit option is not allowed [ 58.140620][ T1175] Kernel panic - not syncing: Fatal exception [ 58.147244][ T1175] Kernel Offset: disabled [ 58.151654][ T1175] Rebooting in 86400 seconds..