./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2158682661
<...>
lass=dir permissive=1
[ 6.542678][ T30] audit: type=1400 audit(1743533687.945:60): avc: denied { use } for pid=187 comm="sshd" path="/dev/null" dev="devtmpfs" ino=4 scontext=system_u:system_r:sshd_t tcontext=system_u:system_r:kernel_t tclass=fd permissive=1
[ 13.236751][ T30] audit: type=1400 audit(1743533694.645:61): avc: denied { transition } for pid=224 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 13.244671][ T30] audit: type=1400 audit(1743533694.645:62): avc: denied { noatsecure } for pid=224 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 13.250925][ T30] audit: type=1400 audit(1743533694.645:63): avc: denied { write } for pid=224 comm="sh" path="pipe:[14018]" dev="pipefs" ino=14018 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 13.258806][ T30] audit: type=1400 audit(1743533694.645:64): avc: denied { rlimitinh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 13.277235][ T30] audit: type=1400 audit(1743533694.645:65): avc: denied { siginh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts.
execve("./syz-executor2158682661", ["./syz-executor2158682661"], 0x7ffc55931990 /* 10 vars */) = 0
brk(NULL) = 0x55557c94e000
brk(0x55557c94ed00) = 0x55557c94ed00
arch_prctl(ARCH_SET_FS, 0x55557c94e380) = 0
set_tid_address(0x55557c94e650) = 302
set_robust_list(0x55557c94e660, 24) = 0
rseq(0x55557c94eca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2158682661", 4096) = 28
getrandom("\x82\x16\xd1\xbc\xbd\x2d\x5d\xb6", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55557c94ed00
brk(0x55557c96fd00) = 0x55557c96fd00
brk(0x55557c970000) = 0x55557c970000
mprotect(0x7f19f3046000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
mkdir("./syzkaller.PaIZ9i", 0700) = 0
chmod("./syzkaller.PaIZ9i", 0777) = 0
chdir("./syzkaller.PaIZ9i") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 304
./strace-static-x86_64: Process 304 attached
[pid 304] set_robust_list(0x55557c94e660, 24) = 0
[pid 304] chdir("./0") = 0
[pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 304] setpgid(0, 0) = 0
[pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 304] write(3, "1000", 4) = 4
[pid 304] close(3) = 0
[pid 304] symlink("/dev/binderfs", "./binderfs") = 0
[pid 304] write(1, "executing program\n", 18executing program
) = 18
[pid 304] memfd_create("syzkaller", 0) = 3
[pid 304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[ 29.940674][ T30] audit: type=1400 audit(1743533711.345:66): avc: denied { execmem } for pid=302 comm="syz-executor215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 29.959932][ T30] audit: type=1400 audit(1743533711.365:67): avc: denied { read write } for pid=302 comm="syz-executor215" name="loop0" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 29.984548][ T30] audit: type=1400 audit(1743533711.365:68): avc: denied { open } for pid=302 comm="syz-executor215" path="/dev/loop0" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 30.008707][ T30] audit: type=1400 audit(1743533711.365:69): avc: denied { ioctl } for pid=302 comm="syz-executor215" path="/dev/loop0" dev="devtmpfs" ino=112 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 304] munmap(0x7f19eab8e000, 138412032) = 0
[pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 304] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 304] close(3) = 0
[pid 304] close(4) = 0
[pid 304] mkdir("./bus", 0777) = 0
[ 30.103175][ T304] loop0: detected capacity change from 0 to 40427
[ 30.154571][ T30] audit: type=1400 audit(1743533711.565:70): avc: denied { mounton } for pid=304 comm="syz-executor215" path="/root/syzkaller.PaIZ9i/0/bus" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 30.214642][ T304] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 30.222208][ T304] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 30.231388][ T304] F2FS-fs (loop0): invalid crc value
[ 30.237944][ T304] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 30.262836][ T304] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 30.269396][ T304] F2FS-fs (loop0): Start checkpoint disabled!
[ 30.275640][ T304] attempt to access beyond end of device
[ 30.275640][ T304] loop0: rw=2049, want=40968, limit=40427
[pid 304] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 304] ioctl(3, LOOP_CLR_FD) = 0
[pid 304] close(3) = 0
[pid 304] memfd_create("syzkaller", 0) = 3
[pid 304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 304] munmap(0x7f19eab8e000, 138412032) = 0
[pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 304] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 304] close(3) = 0
[pid 304] close(4) = 0
[pid 304] mkdir("./file0", 0777) = 0
[ 30.413285][ T304] loop0: detected capacity change from 0 to 1024
[pid 304] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 304] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 304] chdir("./file0") = 0
[pid 304] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 304] ioctl(4, LOOP_CLR_FD) = 0
[pid 304] close(4) = 0
[pid 304] exit_group(0) = ?
[pid 304] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=4, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/bus") = 0
[ 30.486074][ T304] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 30.497626][ T30] audit: type=1400 audit(1743533711.905:71): avc: denied { mount } for pid=304 comm="syz-executor215" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 30.519880][ T30] audit: type=1400 audit(1743533711.905:72): avc: denied { unmount } for pid=302 comm="syz-executor215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 309
./strace-static-x86_64: Process 309 attached
[pid 309] set_robust_list(0x55557c94e660, 24) = 0
[pid 309] chdir("./1") = 0
[pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 309] setpgid(0, 0) = 0
[pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 309] write(3, "1000", 4) = 4
[pid 309] close(3) = 0
[pid 309] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 309] write(1, "executing program\n", 18) = 18
[pid 309] memfd_create("syzkaller", 0) = 3
[pid 309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 309] munmap(0x7f19eab8e000, 138412032) = 0
[pid 309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 309] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 309] close(3) = 0
[pid 309] close(4) = 0
[pid 309] mkdir("./bus", 0777) = 0
[ 30.712949][ T309] loop0: detected capacity change from 0 to 40427
[ 30.793484][ T309] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 30.801064][ T309] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 30.810094][ T309] F2FS-fs (loop0): invalid crc value
[ 30.816342][ T309] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 309] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 30.840634][ T309] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 30.847175][ T309] F2FS-fs (loop0): Start checkpoint disabled!
[ 30.853195][ T309] attempt to access beyond end of device
[ 30.853195][ T309] loop0: rw=2049, want=40968, limit=40427
[pid 309] ioctl(3, LOOP_CLR_FD) = 0
[pid 309] close(3) = 0
[pid 309] memfd_create("syzkaller", 0) = 3
[pid 309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 309] munmap(0x7f19eab8e000, 138412032) = 0
[pid 309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 309] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 309] close(3) = 0
[pid 309] close(4) = 0
[pid 309] mkdir("./file0", 0777) = 0
[pid 309] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 309] chdir("./file0") = 0
[pid 309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 309] ioctl(4, LOOP_CLR_FD) = 0
[pid 309] close(4) = 0
[pid 309] exit_group(0) = ?
[pid 309] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=4, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/bus") = 0
[ 30.970937][ T309] loop0: detected capacity change from 0 to 1024
[ 30.981837][ T309] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 314
./strace-static-x86_64: Process 314 attached
[pid 314] set_robust_list(0x55557c94e660, 24) = 0
[pid 314] chdir("./2") = 0
[pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 314] setpgid(0, 0) = 0
[pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 314] write(3, "1000", 4) = 4
[pid 314] close(3) = 0
[pid 314] symlink("/dev/binderfs", "./binderfs") = 0
[pid 314] write(1, "executing program\n", 18executing program
) = 18
[pid 314] memfd_create("syzkaller", 0) = 3
[pid 314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 314] munmap(0x7f19eab8e000, 138412032) = 0
[pid 314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 314] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 314] close(3) = 0
[pid 314] close(4) = 0
[pid 314] mkdir("./bus", 0777) = 0
[ 31.161864][ T314] loop0: detected capacity change from 0 to 40427
[ 31.243323][ T314] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 31.256504][ T314] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 31.265656][ T314] F2FS-fs (loop0): invalid crc value
[ 31.272009][ T314] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 314] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 31.295378][ T314] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 31.301894][ T314] F2FS-fs (loop0): Start checkpoint disabled!
[ 31.307949][ T314] attempt to access beyond end of device
[ 31.307949][ T314] loop0: rw=2049, want=40968, limit=40427
[pid 314] ioctl(3, LOOP_CLR_FD) = 0
[pid 314] close(3) = 0
[pid 314] memfd_create("syzkaller", 0) = 3
[pid 314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 314] munmap(0x7f19eab8e000, 138412032) = 0
[pid 314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 314] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 314] close(3) = 0
[pid 314] close(4) = 0
[pid 314] mkdir("./file0", 0777) = 0
[ 31.435015][ T314] loop0: detected capacity change from 0 to 1024
[pid 314] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 314] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 314] chdir("./file0") = 0
[pid 314] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 314] ioctl(4, LOOP_CLR_FD) = 0
[pid 314] close(4) = 0
[pid 314] exit_group(0) = ?
[pid 314] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/bus") = 0
[ 31.517125][ T314] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 318
./strace-static-x86_64: Process 318 attached
[pid 318] set_robust_list(0x55557c94e660, 24) = 0
[pid 318] chdir("./3") = 0
[pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 318] setpgid(0, 0) = 0
[pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 318] write(3, "1000", 4) = 4
[pid 318] close(3) = 0
[pid 318] symlink("/dev/binderfs", "./binderfs") = 0
[pid 318] write(1, "executing program\n", 18) = 18
[pid 318] memfd_create("syzkaller", 0) = 3
[pid 318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 318] munmap(0x7f19eab8e000, 138412032) = 0
[pid 318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 318] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 318] close(3) = 0
[pid 318] close(4) = 0
[pid 318] mkdir("./bus", 0777) = 0
[ 31.716992][ T318] loop0: detected capacity change from 0 to 40427
[ 31.823420][ T318] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 31.831036][ T318] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 31.840039][ T318] F2FS-fs (loop0): invalid crc value
[ 31.846385][ T318] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 31.869881][ T318] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 31.876409][ T318] F2FS-fs (loop0): Start checkpoint disabled!
[ 31.882371][ T318] attempt to access beyond end of device
[ 31.882371][ T318] loop0: rw=2049, want=40968, limit=40427
[pid 318] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 318] ioctl(3, LOOP_CLR_FD) = 0
[pid 318] close(3) = 0
[pid 318] memfd_create("syzkaller", 0) = 3
[pid 318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 318] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 318] munmap(0x7f19eab8e000, 138412032) = 0
[pid 318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 318] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 318] close(3) = 0
[pid 318] close(4) = 0
[pid 318] mkdir("./file0", 0777) = 0
[ 32.038734][ T318] loop0: detected capacity change from 0 to 1024
[pid 318] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 318] chdir("./file0") = 0
[pid 318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 318] ioctl(4, LOOP_CLR_FD) = 0
[pid 318] close(4) = 0
[pid 318] exit_group(0) = ?
[pid 318] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=2, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/bus") = 0
[ 32.115291][ T318] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 323
./strace-static-x86_64: Process 323 attached
[pid 323] set_robust_list(0x55557c94e660, 24) = 0
[pid 323] chdir("./4") = 0
[pid 323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 323] setpgid(0, 0) = 0
[pid 323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 323] write(3, "1000", 4) = 4
[pid 323] close(3) = 0
[pid 323] symlink("/dev/binderfs", "./binderfs") = 0
[pid 323] write(1, "executing program\n", 18) = 18
[pid 323] memfd_create("syzkaller", 0) = 3
[pid 323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 323] munmap(0x7f19eab8e000, 138412032) = 0
[pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 323] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 323] close(3) = 0
[pid 323] close(4) = 0
[pid 323] mkdir("./bus", 0777) = 0
[ 32.314941][ T323] loop0: detected capacity change from 0 to 40427
[ 32.325236][ T323] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 32.333075][ T323] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 32.341893][ T323] F2FS-fs (loop0): invalid crc value
[ 32.348413][ T323] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 32.371880][ T323] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 32.378385][ T323] F2FS-fs (loop0): Start checkpoint disabled!
[ 32.384376][ T323] attempt to access beyond end of device
[ 32.384376][ T323] loop0: rw=2049, want=40968, limit=40427
[pid 323] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 323] ioctl(3, LOOP_CLR_FD) = 0
[pid 323] close(3) = 0
[pid 323] memfd_create("syzkaller", 0) = 3
[pid 323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 323] munmap(0x7f19eab8e000, 138412032) = 0
[pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 323] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 323] close(3) = 0
[pid 323] close(4) = 0
[pid 323] mkdir("./file0", 0777) = 0
[ 32.532694][ T323] loop0: detected capacity change from 0 to 1024
[pid 323] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 323] chdir("./file0") = 0
[pid 323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 323] ioctl(4, LOOP_CLR_FD) = 0
[pid 323] close(4) = 0
[pid 323] exit_group(0) = ?
[pid 323] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/bus") = 0
[ 32.606790][ T323] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 329
./strace-static-x86_64: Process 329 attached
[pid 329] set_robust_list(0x55557c94e660, 24) = 0
[pid 329] chdir("./5") = 0
[pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 329] setpgid(0, 0) = 0
[pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 329] write(3, "1000", 4) = 4
[pid 329] close(3) = 0
[pid 329] symlink("/dev/binderfs", "./binderfs") = 0
[pid 329] write(1, "executing program\n", 18) = 18
[pid 329] memfd_create("syzkaller", 0) = 3
[pid 329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 329] munmap(0x7f19eab8e000, 138412032) = 0
[pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 329] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 329] close(3) = 0
[pid 329] close(4) = 0
[pid 329] mkdir("./bus", 0777) = 0
[ 32.796982][ T329] loop0: detected capacity change from 0 to 40427
[ 32.893484][ T329] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 32.901096][ T329] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 32.910260][ T329] F2FS-fs (loop0): invalid crc value
[ 32.916797][ T329] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 32.940181][ T329] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 32.946754][ T329] F2FS-fs (loop0): Start checkpoint disabled!
[ 32.952709][ T329] attempt to access beyond end of device
[ 32.952709][ T329] loop0: rw=2049, want=40968, limit=40427
[pid 329] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 329] ioctl(3, LOOP_CLR_FD) = 0
[pid 329] close(3) = 0
[pid 329] memfd_create("syzkaller", 0) = 3
[pid 329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 329] munmap(0x7f19eab8e000, 138412032) = 0
[pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 329] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 329] close(3) = 0
[pid 329] close(4) = 0
[pid 329] mkdir("./file0", 0777) = 0
[pid 329] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 329] chdir("./file0") = 0
[pid 329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 329] ioctl(4, LOOP_CLR_FD) = 0
[pid 329] close(4) = 0
[pid 329] exit_group(0) = ?
[pid 329] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=2, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs") = 0
umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/bus") = 0
[ 33.100695][ T329] loop0: detected capacity change from 0 to 1024
[ 33.111906][ T329] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 334
./strace-static-x86_64: Process 334 attached
[pid 334] set_robust_list(0x55557c94e660, 24) = 0
[pid 334] chdir("./6") = 0
[pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 334] setpgid(0, 0) = 0
[pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 334] write(3, "1000", 4) = 4
[pid 334] close(3) = 0
[pid 334] symlink("/dev/binderfs", "./binderfs") = 0
[pid 334] write(1, "executing program\n", 18executing program
) = 18
[pid 334] memfd_create("syzkaller", 0) = 3
[pid 334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 334] munmap(0x7f19eab8e000, 138412032) = 0
[pid 334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 334] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 334] close(3) = 0
[pid 334] close(4) = 0
[pid 334] mkdir("./bus", 0777) = 0
[ 33.320338][ T334] loop0: detected capacity change from 0 to 40427
[ 33.331020][ T334] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 33.338949][ T334] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 33.348007][ T334] F2FS-fs (loop0): invalid crc value
[ 33.354367][ T334] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 33.377698][ T334] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 33.384203][ T334] F2FS-fs (loop0): Start checkpoint disabled!
[ 33.390167][ T334] attempt to access beyond end of device
[ 33.390167][ T334] loop0: rw=2049, want=40968, limit=40427
[pid 334] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 334] ioctl(3, LOOP_CLR_FD) = 0
[pid 334] close(3) = 0
[pid 334] memfd_create("syzkaller", 0) = 3
[pid 334] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 334] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 334] munmap(0x7f19eab8e000, 138412032) = 0
[pid 334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 334] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 334] close(3) = 0
[pid 334] close(4) = 0
[pid 334] mkdir("./file0", 0777) = 0
[ 33.544092][ T334] loop0: detected capacity change from 0 to 1024
[pid 334] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 334] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 334] chdir("./file0") = 0
[pid 334] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 334] ioctl(4, LOOP_CLR_FD) = 0
[pid 334] close(4) = 0
[pid 334] exit_group(0) = ?
[pid 334] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=3, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs") = 0
umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/bus") = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[ 33.616120][ T334] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 340
./strace-static-x86_64: Process 340 attached
[pid 340] set_robust_list(0x55557c94e660, 24) = 0
[pid 340] chdir("./7") = 0
[pid 340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 340] setpgid(0, 0) = 0
[pid 340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 340] write(3, "1000", 4) = 4
[pid 340] close(3) = 0
[pid 340] symlink("/dev/binderfs", "./binderfs") = 0
[pid 340] write(1, "executing program\n", 18executing program
) = 18
[pid 340] memfd_create("syzkaller", 0) = 3
[pid 340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 340] munmap(0x7f19eab8e000, 138412032) = 0
[pid 340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 340] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 340] close(3) = 0
[pid 340] close(4) = 0
[pid 340] mkdir("./bus", 0777) = 0
[ 33.783287][ T340] loop0: detected capacity change from 0 to 40427
[ 33.794549][ T340] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 33.802375][ T340] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 33.812390][ T340] F2FS-fs (loop0): invalid crc value
[ 33.818824][ T340] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 33.842855][ T340] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 33.849467][ T340] F2FS-fs (loop0): Start checkpoint disabled!
[ 33.855726][ T340] attempt to access beyond end of device
[ 33.855726][ T340] loop0: rw=2049, want=40968, limit=40427
[pid 340] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 340] ioctl(3, LOOP_CLR_FD) = 0
[pid 340] close(3) = 0
[pid 340] memfd_create("syzkaller", 0) = 3
[pid 340] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 340] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 340] munmap(0x7f19eab8e000, 138412032) = 0
[pid 340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 340] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 340] close(3) = 0
[pid 340] close(4) = 0
[pid 340] mkdir("./file0", 0777) = 0
[ 33.991595][ T340] loop0: detected capacity change from 0 to 1024
[pid 340] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 340] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 340] chdir("./file0") = 0
[pid 340] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 340] ioctl(4, LOOP_CLR_FD) = 0
[pid 340] close(4) = 0
[pid 340] exit_group(0) = ?
[pid 340] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs") = 0
umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/bus") = 0
[ 34.075186][ T340] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 344
./strace-static-x86_64: Process 344 attached
[pid 344] set_robust_list(0x55557c94e660, 24) = 0
[pid 344] chdir("./8") = 0
[pid 344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 344] setpgid(0, 0) = 0
[pid 344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 344] write(3, "1000", 4) = 4
[pid 344] close(3) = 0
[pid 344] symlink("/dev/binderfs", "./binderfs") = 0
[pid 344] write(1, "executing program\n", 18) = 18
[pid 344] memfd_create("syzkaller", 0) = 3
[pid 344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 344] munmap(0x7f19eab8e000, 138412032) = 0
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 344] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 344] close(3) = 0
[ 34.277970][ T344] loop0: detected capacity change from 0 to 40427
[pid 344] close(4) = 0
[pid 344] mkdir("./bus", 0777) = 0
[ 34.393418][ T344] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 34.400989][ T344] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 34.410138][ T344] F2FS-fs (loop0): invalid crc value
[ 34.416846][ T344] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 34.440282][ T344] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 34.446773][ T344] F2FS-fs (loop0): Start checkpoint disabled!
[ 34.452724][ T344] attempt to access beyond end of device
[ 34.452724][ T344] loop0: rw=2049, want=40968, limit=40427
[pid 344] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 344] ioctl(3, LOOP_CLR_FD) = 0
[pid 344] close(3) = 0
[pid 344] memfd_create("syzkaller", 0) = 3
[pid 344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 344] munmap(0x7f19eab8e000, 138412032) = 0
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 344] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 344] close(3) = 0
[pid 344] close(4) = 0
[pid 344] mkdir("./file0", 0777) = 0
[ 34.601282][ T344] loop0: detected capacity change from 0 to 1024
[pid 344] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 344] chdir("./file0") = 0
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 344] ioctl(4, LOOP_CLR_FD) = 0
[pid 344] close(4) = 0
[pid 344] exit_group(0) = ?
[pid 344] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs") = 0
umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/bus") = 0
[ 34.675142][ T344] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 349
./strace-static-x86_64: Process 349 attached
[pid 349] set_robust_list(0x55557c94e660, 24) = 0
[pid 349] chdir("./9") = 0
[pid 349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 349] setpgid(0, 0) = 0
[pid 349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 349] write(3, "1000", 4) = 4
[pid 349] close(3) = 0
[pid 349] symlink("/dev/binderfs", "./binderfs") = 0
[pid 349] write(1, "executing program\n", 18executing program
) = 18
[pid 349] memfd_create("syzkaller", 0) = 3
[pid 349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 349] munmap(0x7f19eab8e000, 138412032) = 0
[pid 349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 349] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 349] close(3) = 0
[pid 349] close(4) = 0
[pid 349] mkdir("./bus", 0777) = 0
[ 34.873446][ T349] loop0: detected capacity change from 0 to 40427
[ 34.884151][ T349] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 34.892020][ T349] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 34.901357][ T349] F2FS-fs (loop0): invalid crc value
[ 34.907895][ T349] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 34.931736][ T349] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 34.938296][ T349] F2FS-fs (loop0): Start checkpoint disabled!
[ 34.944287][ T349] attempt to access beyond end of device
[ 34.944287][ T349] loop0: rw=2049, want=40968, limit=40427
[pid 349] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 349] ioctl(3, LOOP_CLR_FD) = 0
[pid 349] close(3) = 0
[pid 349] memfd_create("syzkaller", 0) = 3
[pid 349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 349] munmap(0x7f19eab8e000, 138412032) = 0
[pid 349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 349] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 349] close(3) = 0
[pid 349] close(4) = 0
[pid 349] mkdir("./file0", 0777) = 0
[ 35.103912][ T349] loop0: detected capacity change from 0 to 1024
[pid 349] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 349] chdir("./file0") = 0
[pid 349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 349] ioctl(4, LOOP_CLR_FD) = 0
[pid 349] close(4) = 0
[pid 349] exit_group(0) = ?
[pid 349] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=349, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs") = 0
umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/bus") = 0
[ 35.166092][ T349] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 354
./strace-static-x86_64: Process 354 attached
[pid 354] set_robust_list(0x55557c94e660, 24) = 0
[pid 354] chdir("./10") = 0
[pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 354] setpgid(0, 0) = 0
[pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 354] write(3, "1000", 4) = 4
[pid 354] close(3) = 0
[pid 354] symlink("/dev/binderfs", "./binderfs") = 0
[pid 354] write(1, "executing program\n", 18executing program
) = 18
[pid 354] memfd_create("syzkaller", 0) = 3
[pid 354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 354] munmap(0x7f19eab8e000, 138412032) = 0
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 354] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 354] close(3) = 0
[pid 354] close(4) = 0
[pid 354] mkdir("./bus", 0777) = 0
[ 35.392608][ T354] loop0: detected capacity change from 0 to 40427
[ 35.483389][ T354] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 35.490966][ T354] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 35.499993][ T354] F2FS-fs (loop0): invalid crc value
[ 35.506553][ T354] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 35.530161][ T354] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 35.536687][ T354] F2FS-fs (loop0): Start checkpoint disabled!
[ 35.542658][ T354] attempt to access beyond end of device
[ 35.542658][ T354] loop0: rw=2049, want=40968, limit=40427
[pid 354] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 354] ioctl(3, LOOP_CLR_FD) = 0
[pid 354] close(3) = 0
[pid 354] memfd_create("syzkaller", 0) = 3
[pid 354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 354] munmap(0x7f19eab8e000, 138412032) = 0
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 354] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 354] close(3) = 0
[pid 354] close(4) = 0
[pid 354] mkdir("./file0", 0777) = 0
[ 35.680850][ T354] loop0: detected capacity change from 0 to 1024
[pid 354] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 354] chdir("./file0") = 0
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 354] ioctl(4, LOOP_CLR_FD) = 0
[pid 354] close(4) = 0
[pid 354] exit_group(0) = ?
[pid 354] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs") = 0
umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/bus") = 0
[ 35.765091][ T354] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 359
./strace-static-x86_64: Process 359 attached
[pid 359] set_robust_list(0x55557c94e660, 24) = 0
[pid 359] chdir("./11") = 0
[pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 359] setpgid(0, 0) = 0
[pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 359] write(3, "1000", 4) = 4
[pid 359] close(3) = 0
[pid 359] symlink("/dev/binderfs", "./binderfs") = 0
[pid 359] write(1, "executing program\n", 18executing program
) = 18
[pid 359] memfd_create("syzkaller", 0) = 3
[pid 359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 359] munmap(0x7f19eab8e000, 138412032) = 0
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 359] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 359] close(3) = 0
[pid 359] close(4) = 0
[pid 359] mkdir("./bus", 0777) = 0
[ 35.959046][ T359] loop0: detected capacity change from 0 to 40427
[ 36.043363][ T359] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 36.050951][ T359] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 36.059916][ T359] F2FS-fs (loop0): invalid crc value
[ 36.066185][ T359] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 36.090083][ T359] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 36.096587][ T359] F2FS-fs (loop0): Start checkpoint disabled!
[ 36.102548][ T359] attempt to access beyond end of device
[ 36.102548][ T359] loop0: rw=2049, want=40968, limit=40427
[pid 359] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 359] ioctl(3, LOOP_CLR_FD) = 0
[pid 359] close(3) = 0
[pid 359] memfd_create("syzkaller", 0) = 3
[pid 359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 359] munmap(0x7f19eab8e000, 138412032) = 0
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 359] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 359] close(3) = 0
[pid 359] close(4) = 0
[pid 359] mkdir("./file0", 0777) = 0
[ 36.252278][ T359] loop0: detected capacity change from 0 to 1024
[pid 359] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 359] chdir("./file0") = 0
[pid 359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 359] ioctl(4, LOOP_CLR_FD) = 0
[pid 359] close(4) = 0
[pid 359] exit_group(0) = ?
[pid 359] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=359, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs") = 0
umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/bus") = 0
[ 36.315289][ T359] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 363
./strace-static-x86_64: Process 363 attached
executing program
[pid 363] set_robust_list(0x55557c94e660, 24) = 0
[pid 363] chdir("./12") = 0
[pid 363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 363] setpgid(0, 0) = 0
[pid 363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 363] write(3, "1000", 4) = 4
[pid 363] close(3) = 0
[pid 363] symlink("/dev/binderfs", "./binderfs") = 0
[pid 363] write(1, "executing program\n", 18) = 18
[pid 363] memfd_create("syzkaller", 0) = 3
[pid 363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 363] munmap(0x7f19eab8e000, 138412032) = 0
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 363] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 363] close(3) = 0
[pid 363] close(4) = 0
[pid 363] mkdir("./bus", 0777) = 0
[ 36.516195][ T363] loop0: detected capacity change from 0 to 40427
[ 36.613429][ T363] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 36.621091][ T363] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 36.630060][ T363] F2FS-fs (loop0): invalid crc value
[ 36.636431][ T363] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 36.659761][ T363] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 36.666256][ T363] F2FS-fs (loop0): Start checkpoint disabled!
[ 36.672217][ T363] attempt to access beyond end of device
[ 36.672217][ T363] loop0: rw=2049, want=40968, limit=40427
[pid 363] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 363] ioctl(3, LOOP_CLR_FD) = 0
[pid 363] close(3) = 0
[pid 363] memfd_create("syzkaller", 0) = 3
[pid 363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 363] munmap(0x7f19eab8e000, 138412032) = 0
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 363] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 363] close(3) = 0
[pid 363] close(4) = 0
[pid 363] mkdir("./file0", 0777) = 0
[ 36.814308][ T363] loop0: detected capacity change from 0 to 1024
[pid 363] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 363] chdir("./file0") = 0
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 363] ioctl(4, LOOP_CLR_FD) = 0
[pid 363] close(4) = 0
[pid 363] exit_group(0) = ?
[pid 363] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=363, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs") = 0
umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/bus") = 0
[ 36.885167][ T363] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 368
./strace-static-x86_64: Process 368 attached
[pid 368] set_robust_list(0x55557c94e660, 24) = 0
[pid 368] chdir("./13") = 0
[pid 368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 368] setpgid(0, 0) = 0
[pid 368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 368] write(3, "1000", 4) = 4
[pid 368] close(3) = 0
[pid 368] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 368] write(1, "executing program\n", 18) = 18
[pid 368] memfd_create("syzkaller", 0) = 3
[pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 368] munmap(0x7f19eab8e000, 138412032) = 0
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 368] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 368] close(3) = 0
[pid 368] close(4) = 0
[pid 368] mkdir("./bus", 0777) = 0
[ 37.072345][ T368] loop0: detected capacity change from 0 to 40427
[ 37.153407][ T368] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 37.161018][ T368] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 37.170484][ T368] F2FS-fs (loop0): invalid crc value
[ 37.176767][ T368] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 368] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 37.199973][ T368] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 37.206654][ T368] F2FS-fs (loop0): Start checkpoint disabled!
[ 37.212604][ T368] attempt to access beyond end of device
[ 37.212604][ T368] loop0: rw=2049, want=40968, limit=40427
[pid 368] ioctl(3, LOOP_CLR_FD) = 0
[pid 368] close(3) = 0
[pid 368] memfd_create("syzkaller", 0) = 3
[pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 368] munmap(0x7f19eab8e000, 138412032) = 0
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 368] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 368] close(3) = 0
[pid 368] close(4) = 0
[pid 368] mkdir("./file0", 0777) = 0
[ 37.343118][ T368] loop0: detected capacity change from 0 to 1024
[pid 368] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 368] chdir("./file0") = 0
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 368] ioctl(4, LOOP_CLR_FD) = 0
[pid 368] close(4) = 0
[pid 368] exit_group(0) = ?
[pid 368] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=368, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs") = 0
umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/bus") = 0
[ 37.425094][ T368] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 372
./strace-static-x86_64: Process 372 attached
[pid 372] set_robust_list(0x55557c94e660, 24) = 0
[pid 372] chdir("./14") = 0
[pid 372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 372] setpgid(0, 0) = 0
[pid 372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 372] write(3, "1000", 4) = 4
[pid 372] close(3) = 0
[pid 372] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 372] write(1, "executing program\n", 18) = 18
[pid 372] memfd_create("syzkaller", 0) = 3
[pid 372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 372] munmap(0x7f19eab8e000, 138412032) = 0
[pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 372] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 372] close(3) = 0
[pid 372] close(4) = 0
[pid 372] mkdir("./bus", 0777) = 0
[ 37.636132][ T372] loop0: detected capacity change from 0 to 40427
[ 37.716147][ T372] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 37.723747][ T372] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 37.732581][ T372] F2FS-fs (loop0): invalid crc value
[ 37.738910][ T372] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 372] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 37.762427][ T372] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 37.769056][ T372] F2FS-fs (loop0): Start checkpoint disabled!
[ 37.775057][ T372] attempt to access beyond end of device
[ 37.775057][ T372] loop0: rw=2049, want=40968, limit=40427
[pid 372] ioctl(3, LOOP_CLR_FD) = 0
[pid 372] close(3) = 0
[pid 372] memfd_create("syzkaller", 0) = 3
[pid 372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 372] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 372] munmap(0x7f19eab8e000, 138412032) = 0
[pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 372] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 372] close(3) = 0
[pid 372] close(4) = 0
[pid 372] mkdir("./file0", 0777) = 0
[ 37.893097][ T372] loop0: detected capacity change from 0 to 1024
[pid 372] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 372] chdir("./file0") = 0
[pid 372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 372] ioctl(4, LOOP_CLR_FD) = 0
[pid 372] close(4) = 0
[pid 372] exit_group(0) = ?
[pid 372] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=372, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs") = 0
umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/bus") = 0
[ 37.985304][ T372] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 377
./strace-static-x86_64: Process 377 attached
[pid 377] set_robust_list(0x55557c94e660, 24) = 0
[pid 377] chdir("./15") = 0
[pid 377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 377] setpgid(0, 0) = 0
[pid 377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 377] write(3, "1000", 4) = 4
executing program
[pid 377] close(3) = 0
[pid 377] symlink("/dev/binderfs", "./binderfs") = 0
[pid 377] write(1, "executing program\n", 18) = 18
[pid 377] memfd_create("syzkaller", 0) = 3
[pid 377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 377] munmap(0x7f19eab8e000, 138412032) = 0
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 377] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 377] close(3) = 0
[pid 377] close(4) = 0
[pid 377] mkdir("./bus", 0777) = 0
[ 38.168052][ T377] loop0: detected capacity change from 0 to 40427
[ 38.263385][ T377] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 38.271015][ T377] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 38.280103][ T377] F2FS-fs (loop0): invalid crc value
[ 38.286522][ T377] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 38.310076][ T377] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 38.316590][ T377] F2FS-fs (loop0): Start checkpoint disabled!
[ 38.322652][ T377] attempt to access beyond end of device
[ 38.322652][ T377] loop0: rw=2049, want=40968, limit=40427
[pid 377] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 377] ioctl(3, LOOP_CLR_FD) = 0
[pid 377] close(3) = 0
[pid 377] memfd_create("syzkaller", 0) = 3
[pid 377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 377] munmap(0x7f19eab8e000, 138412032) = 0
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 377] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 377] close(3) = 0
[pid 377] close(4) = 0
[pid 377] mkdir("./file0", 0777) = 0
[ 38.480130][ T377] loop0: detected capacity change from 0 to 1024
[pid 377] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 377] chdir("./file0") = 0
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 377] ioctl(4, LOOP_CLR_FD) = 0
[pid 377] close(4) = 0
[pid 377] exit_group(0) = ?
[pid 377] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=377, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs") = 0
umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/bus") = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 381
./strace-static-x86_64: Process 381 attached
[pid 381] set_robust_list(0x55557c94e660, 24) = 0
[pid 381] chdir("./16") = 0
[pid 381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 381] setpgid(0, 0) = 0
[pid 381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 381] write(3, "1000", 4) = 4
[pid 381] close(3) = 0
[pid 381] symlink("/dev/binderfs", "./binderfs") = 0
[pid 381] write(1, "executing program\n", 18) = 18
[pid 381] memfd_create("syzkaller", 0) = 3
[pid 381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[ 38.575180][ T377] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[pid 381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 381] munmap(0x7f19eab8e000, 138412032) = 0
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 381] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 381] close(3) = 0
[pid 381] close(4) = 0
[pid 381] mkdir("./bus", 0777) = 0
[ 38.724758][ T381] loop0: detected capacity change from 0 to 40427
[ 38.736589][ T381] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 38.744408][ T381] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 38.754178][ T381] F2FS-fs (loop0): invalid crc value
[ 38.760553][ T381] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 38.784265][ T381] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 38.790745][ T381] F2FS-fs (loop0): Start checkpoint disabled!
[ 38.796809][ T381] attempt to access beyond end of device
[ 38.796809][ T381] loop0: rw=2049, want=40968, limit=40427
[pid 381] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 381] ioctl(3, LOOP_CLR_FD) = 0
[pid 381] close(3) = 0
[pid 381] memfd_create("syzkaller", 0) = 3
[pid 381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 381] munmap(0x7f19eab8e000, 138412032) = 0
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 381] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 381] close(3) = 0
[pid 381] close(4) = 0
[pid 381] mkdir("./file0", 0777) = 0
[ 38.942574][ T381] loop0: detected capacity change from 0 to 1024
[pid 381] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 381] chdir("./file0") = 0
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 381] ioctl(4, LOOP_CLR_FD) = 0
[pid 381] close(4) = 0
[pid 381] exit_group(0) = ?
[pid 381] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=381, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs") = 0
umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/bus") = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 39.025216][ T381] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 386
./strace-static-x86_64: Process 386 attached
[pid 386] set_robust_list(0x55557c94e660, 24) = 0
[pid 386] chdir("./17") = 0
[pid 386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 386] setpgid(0, 0) = 0
[pid 386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 386] write(3, "1000", 4) = 4
[pid 386] close(3) = 0
[pid 386] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 386] write(1, "executing program\n", 18) = 18
[pid 386] memfd_create("syzkaller", 0) = 3
[pid 386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 386] munmap(0x7f19eab8e000, 138412032) = 0
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 386] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 386] close(3) = 0
[pid 386] close(4) = 0
[pid 386] mkdir("./bus", 0777) = 0
[ 39.190117][ T386] loop0: detected capacity change from 0 to 40427
[ 39.285401][ T386] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 39.293057][ T386] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 39.302028][ T386] F2FS-fs (loop0): invalid crc value
[ 39.308535][ T386] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 39.331915][ T386] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 39.338472][ T386] F2FS-fs (loop0): Start checkpoint disabled!
[ 39.344486][ T386] attempt to access beyond end of device
[ 39.344486][ T386] loop0: rw=2049, want=40968, limit=40427
[pid 386] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 386] ioctl(3, LOOP_CLR_FD) = 0
[pid 386] close(3) = 0
[pid 386] memfd_create("syzkaller", 0) = 3
[pid 386] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 386] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 386] munmap(0x7f19eab8e000, 138412032) = 0
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 386] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 386] close(3) = 0
[pid 386] close(4) = 0
[pid 386] mkdir("./file0", 0777) = 0
[ 39.494420][ T386] loop0: detected capacity change from 0 to 1024
[pid 386] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 386] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 386] chdir("./file0") = 0
[pid 386] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 386] ioctl(4, LOOP_CLR_FD) = 0
[pid 386] close(4) = 0
[pid 386] exit_group(0) = ?
[pid 386] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=386, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs") = 0
umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/bus") = 0
[ 39.557515][ T386] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 390
./strace-static-x86_64: Process 390 attached
[pid 390] set_robust_list(0x55557c94e660, 24) = 0
[pid 390] chdir("./18") = 0
[pid 390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 390] setpgid(0, 0) = 0
[pid 390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 390] write(3, "1000", 4) = 4
[pid 390] close(3) = 0
[pid 390] symlink("/dev/binderfs", "./binderfs") = 0
[pid 390] write(1, "executing program\n", 18executing program
) = 18
[pid 390] memfd_create("syzkaller", 0) = 3
[pid 390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 390] munmap(0x7f19eab8e000, 138412032) = 0
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 390] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 390] close(3) = 0
[pid 390] close(4) = 0
[pid 390] mkdir("./bus", 0777) = 0
[ 39.728293][ T390] loop0: detected capacity change from 0 to 40427
[ 39.813354][ T390] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 39.820969][ T390] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 39.829958][ T390] F2FS-fs (loop0): invalid crc value
[ 39.836280][ T390] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 39.859640][ T390] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 39.866167][ T390] F2FS-fs (loop0): Start checkpoint disabled!
[ 39.872127][ T390] attempt to access beyond end of device
[ 39.872127][ T390] loop0: rw=2049, want=40968, limit=40427
[pid 390] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 390] ioctl(3, LOOP_CLR_FD) = 0
[pid 390] close(3) = 0
[pid 390] memfd_create("syzkaller", 0) = 3
[pid 390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 390] munmap(0x7f19eab8e000, 138412032) = 0
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 390] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 390] close(3) = 0
[pid 390] close(4) = 0
[pid 390] mkdir("./file0", 0777) = 0
[ 40.024359][ T390] loop0: detected capacity change from 0 to 1024
[pid 390] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 390] chdir("./file0") = 0
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 390] ioctl(4, LOOP_CLR_FD) = 0
[pid 390] close(4) = 0
[pid 390] exit_group(0) = ?
[pid 390] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=390, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs") = 0
umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/bus") = 0
[ 40.106412][ T390] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
executing program
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 396
./strace-static-x86_64: Process 396 attached
[pid 396] set_robust_list(0x55557c94e660, 24) = 0
[pid 396] chdir("./19") = 0
[pid 396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 396] setpgid(0, 0) = 0
[pid 396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 396] write(3, "1000", 4) = 4
[pid 396] close(3) = 0
[pid 396] symlink("/dev/binderfs", "./binderfs") = 0
[pid 396] write(1, "executing program\n", 18) = 18
[pid 396] memfd_create("syzkaller", 0) = 3
[pid 396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 396] munmap(0x7f19eab8e000, 138412032) = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 396] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 396] close(3) = 0
[pid 396] close(4) = 0
[pid 396] mkdir("./bus", 0777) = 0
[ 40.332729][ T396] loop0: detected capacity change from 0 to 40427
[ 40.423373][ T396] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 40.430942][ T396] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 40.440020][ T396] F2FS-fs (loop0): invalid crc value
[ 40.446417][ T396] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 40.470155][ T396] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 40.476858][ T396] F2FS-fs (loop0): Start checkpoint disabled!
[ 40.482990][ T396] attempt to access beyond end of device
[ 40.482990][ T396] loop0: rw=2049, want=40968, limit=40427
[pid 396] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 396] ioctl(3, LOOP_CLR_FD) = 0
[pid 396] close(3) = 0
[pid 396] memfd_create("syzkaller", 0) = 3
[pid 396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 396] munmap(0x7f19eab8e000, 138412032) = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 396] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 396] close(3) = 0
[pid 396] close(4) = 0
[pid 396] mkdir("./file0", 0777) = 0
[ 40.634323][ T396] loop0: detected capacity change from 0 to 1024
[pid 396] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 396] chdir("./file0") = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 396] ioctl(4, LOOP_CLR_FD) = 0
[pid 396] close(4) = 0
[pid 396] exit_group(0) = ?
[pid 396] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=396, si_uid=0, si_status=0, si_utime=5, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs") = 0
umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/bus") = 0
[ 40.705140][ T396] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 401
./strace-static-x86_64: Process 401 attached
[pid 401] set_robust_list(0x55557c94e660, 24) = 0
[pid 401] chdir("./20") = 0
[pid 401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 401] setpgid(0, 0) = 0
[pid 401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 401] write(3, "1000", 4) = 4
[pid 401] close(3) = 0
[pid 401] symlink("/dev/binderfs", "./binderfs") = 0
[pid 401] write(1, "executing program\n", 18executing program
) = 18
[pid 401] memfd_create("syzkaller", 0) = 3
[pid 401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 401] munmap(0x7f19eab8e000, 138412032) = 0
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 401] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 401] close(3) = 0
[pid 401] close(4) = 0
[pid 401] mkdir("./bus", 0777) = 0
[ 40.876813][ T401] loop0: detected capacity change from 0 to 40427
[ 40.973369][ T401] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 40.980983][ T401] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 40.990006][ T401] F2FS-fs (loop0): invalid crc value
[ 40.996404][ T401] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 41.019937][ T401] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 41.026466][ T401] F2FS-fs (loop0): Start checkpoint disabled!
[ 41.032425][ T401] attempt to access beyond end of device
[ 41.032425][ T401] loop0: rw=2049, want=40968, limit=40427
[pid 401] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 401] ioctl(3, LOOP_CLR_FD) = 0
[pid 401] close(3) = 0
[pid 401] memfd_create("syzkaller", 0) = 3
[pid 401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 401] munmap(0x7f19eab8e000, 138412032) = 0
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 401] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 401] close(3) = 0
[pid 401] close(4) = 0
[pid 401] mkdir("./file0", 0777) = 0
[pid 401] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 401] chdir("./file0") = 0
[pid 401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 401] ioctl(4, LOOP_CLR_FD) = 0
[pid 401] close(4) = 0
[pid 401] exit_group(0) = ?
[pid 401] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=401, si_uid=0, si_status=0, si_utime=1, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs") = 0
umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/bus") = 0
[ 41.183661][ T401] loop0: detected capacity change from 0 to 1024
[ 41.195932][ T401] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 405
./strace-static-x86_64: Process 405 attached
[pid 405] set_robust_list(0x55557c94e660, 24) = 0
[pid 405] chdir("./21") = 0
[pid 405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 405] setpgid(0, 0) = 0
[pid 405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 405] write(3, "1000", 4) = 4
[pid 405] close(3) = 0
[pid 405] symlink("/dev/binderfs", "./binderfs") = 0
[pid 405] write(1, "executing program\n", 18) = 18
[pid 405] memfd_create("syzkaller", 0) = 3
[pid 405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 405] munmap(0x7f19eab8e000, 138412032) = 0
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 405] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 405] close(3) = 0
[pid 405] close(4) = 0
[pid 405] mkdir("./bus", 0777) = 0
[ 41.437491][ T405] loop0: detected capacity change from 0 to 40427
[ 41.533373][ T405] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 41.540987][ T405] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 41.550217][ T405] F2FS-fs (loop0): invalid crc value
[ 41.556490][ T405] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 41.579588][ T405] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 41.586086][ T405] F2FS-fs (loop0): Start checkpoint disabled!
[ 41.592034][ T405] attempt to access beyond end of device
[ 41.592034][ T405] loop0: rw=2049, want=40968, limit=40427
[pid 405] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 405] ioctl(3, LOOP_CLR_FD) = 0
[pid 405] close(3) = 0
[pid 405] memfd_create("syzkaller", 0) = 3
[pid 405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 405] munmap(0x7f19eab8e000, 138412032) = 0
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 405] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 405] close(3) = 0
[pid 405] close(4) = 0
[pid 405] mkdir("./file0", 0777) = 0
[ 41.744302][ T405] loop0: detected capacity change from 0 to 1024
[pid 405] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 405] chdir("./file0") = 0
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 405] ioctl(4, LOOP_CLR_FD) = 0
[pid 405] close(4) = 0
[pid 405] exit_group(0) = ?
[pid 405] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=405, si_uid=0, si_status=0, si_utime=4, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs") = 0
umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/bus") = 0
[ 41.825335][ T405] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 410
./strace-static-x86_64: Process 410 attached
[pid 410] set_robust_list(0x55557c94e660, 24) = 0
[pid 410] chdir("./22") = 0
[pid 410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 410] setpgid(0, 0) = 0
[pid 410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 410] write(3, "1000", 4) = 4
[pid 410] close(3) = 0
[pid 410] symlink("/dev/binderfs", "./binderfs") = 0
[pid 410] write(1, "executing program\n", 18executing program
) = 18
[pid 410] memfd_create("syzkaller", 0) = 3
[pid 410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 410] munmap(0x7f19eab8e000, 138412032) = 0
[pid 410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 410] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 410] close(3) = 0
[pid 410] close(4) = 0
[pid 410] mkdir("./bus", 0777) = 0
[ 42.039321][ T410] loop0: detected capacity change from 0 to 40427
[ 42.133340][ T410] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 42.141066][ T410] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 42.150047][ T410] F2FS-fs (loop0): invalid crc value
[ 42.156387][ T410] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 42.179679][ T410] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 42.186159][ T410] F2FS-fs (loop0): Start checkpoint disabled!
[ 42.192122][ T410] attempt to access beyond end of device
[ 42.192122][ T410] loop0: rw=2049, want=40968, limit=40427
[pid 410] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 410] ioctl(3, LOOP_CLR_FD) = 0
[pid 410] close(3) = 0
[pid 410] memfd_create("syzkaller", 0) = 3
[pid 410] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 410] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 410] munmap(0x7f19eab8e000, 138412032) = 0
[pid 410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 410] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 410] close(3) = 0
[pid 410] close(4) = 0
[pid 410] mkdir("./file0", 0777) = 0
[ 42.344728][ T410] loop0: detected capacity change from 0 to 1024
[pid 410] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 410] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 410] chdir("./file0") = 0
[pid 410] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 410] ioctl(4, LOOP_CLR_FD) = 0
[pid 410] close(4) = 0
[pid 410] exit_group(0) = ?
[pid 410] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=410, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs") = 0
umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/bus") = 0
[ 42.405335][ T410] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 414
./strace-static-x86_64: Process 414 attached
[pid 414] set_robust_list(0x55557c94e660, 24) = 0
executing program
[pid 414] chdir("./23") = 0
[pid 414] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 414] setpgid(0, 0) = 0
[pid 414] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 414] write(3, "1000", 4) = 4
[pid 414] close(3) = 0
[pid 414] symlink("/dev/binderfs", "./binderfs") = 0
[pid 414] write(1, "executing program\n", 18) = 18
[pid 414] memfd_create("syzkaller", 0) = 3
[pid 414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 414] munmap(0x7f19eab8e000, 138412032) = 0
[pid 414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 414] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 414] close(3) = 0
[pid 414] close(4) = 0
[pid 414] mkdir("./bus", 0777) = 0
[ 42.639068][ T414] loop0: detected capacity change from 0 to 40427
[ 42.733551][ T414] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 42.741187][ T414] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 42.750513][ T414] F2FS-fs (loop0): invalid crc value
[ 42.757013][ T414] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 414] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 42.780528][ T414] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 42.787190][ T414] F2FS-fs (loop0): Start checkpoint disabled!
[ 42.793218][ T414] attempt to access beyond end of device
[ 42.793218][ T414] loop0: rw=2049, want=40968, limit=40427
[pid 414] ioctl(3, LOOP_CLR_FD) = 0
[pid 414] close(3) = 0
[pid 414] memfd_create("syzkaller", 0) = 3
[pid 414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 414] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 414] munmap(0x7f19eab8e000, 138412032) = 0
[pid 414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 414] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 414] close(3) = 0
[pid 414] close(4) = 0
[pid 414] mkdir("./file0", 0777) = 0
[ 42.912670][ T414] loop0: detected capacity change from 0 to 1024
[pid 414] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 414] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 414] chdir("./file0") = 0
[pid 414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 414] ioctl(4, LOOP_CLR_FD) = 0
[pid 414] close(4) = 0
[pid 414] exit_group(0) = ?
[pid 414] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=414, si_uid=0, si_status=0, si_utime=0, si_stime=21} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs") = 0
umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/bus") = 0
[ 42.995068][ T414] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 419
./strace-static-x86_64: Process 419 attached
[pid 419] set_robust_list(0x55557c94e660, 24) = 0
[pid 419] chdir("./24") = 0
[pid 419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 419] setpgid(0, 0) = 0
[pid 419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 419] write(3, "1000", 4) = 4
[pid 419] close(3) = 0
[pid 419] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 419] write(1, "executing program\n", 18) = 18
[pid 419] memfd_create("syzkaller", 0) = 3
[pid 419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 419] munmap(0x7f19eab8e000, 138412032) = 0
[pid 419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 419] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 419] close(3) = 0
[pid 419] close(4) = 0
[pid 419] mkdir("./bus", 0777) = 0
[ 43.196568][ T419] loop0: detected capacity change from 0 to 40427
[ 43.303408][ T419] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 43.311018][ T419] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 43.320004][ T419] F2FS-fs (loop0): invalid crc value
[ 43.326545][ T419] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 43.350232][ T419] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 43.356758][ T419] F2FS-fs (loop0): Start checkpoint disabled!
[ 43.362734][ T419] attempt to access beyond end of device
[ 43.362734][ T419] loop0: rw=2049, want=40968, limit=40427
[pid 419] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 419] ioctl(3, LOOP_CLR_FD) = 0
[pid 419] close(3) = 0
[pid 419] memfd_create("syzkaller", 0) = 3
[pid 419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 419] munmap(0x7f19eab8e000, 138412032) = 0
[pid 419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 419] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 419] close(3) = 0
[pid 419] close(4) = 0
[pid 419] mkdir("./file0", 0777) = 0
[ 43.513662][ T419] loop0: detected capacity change from 0 to 1024
[pid 419] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 419] chdir("./file0") = 0
[pid 419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 419] ioctl(4, LOOP_CLR_FD) = 0
[pid 419] close(4) = 0
[pid 419] exit_group(0) = ?
[pid 419] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=419, si_uid=0, si_status=0, si_utime=1, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./24/binderfs") = 0
umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/bus") = 0
[ 43.577590][ T419] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 424
./strace-static-x86_64: Process 424 attached
[pid 424] set_robust_list(0x55557c94e660, 24) = 0
[pid 424] chdir("./25") = 0
[pid 424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 424] setpgid(0, 0) = 0
[pid 424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 424] write(3, "1000", 4) = 4
[pid 424] close(3) = 0
[pid 424] symlink("/dev/binderfs", "./binderfs") = 0
[pid 424] write(1, "executing program\n", 18executing program
) = 18
[pid 424] memfd_create("syzkaller", 0) = 3
[pid 424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 424] munmap(0x7f19eab8e000, 138412032) = 0
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 424] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 424] close(3) = 0
[pid 424] close(4) = 0
[pid 424] mkdir("./bus", 0777) = 0
[ 43.781338][ T424] loop0: detected capacity change from 0 to 40427
[ 43.873325][ T424] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 43.880897][ T424] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 43.890169][ T424] F2FS-fs (loop0): invalid crc value
[ 43.896661][ T424] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 43.920057][ T424] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 43.926612][ T424] F2FS-fs (loop0): Start checkpoint disabled!
[ 43.932578][ T424] attempt to access beyond end of device
[ 43.932578][ T424] loop0: rw=2049, want=40968, limit=40427
[pid 424] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 424] ioctl(3, LOOP_CLR_FD) = 0
[pid 424] close(3) = 0
[pid 424] memfd_create("syzkaller", 0) = 3
[pid 424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 424] munmap(0x7f19eab8e000, 138412032) = 0
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 424] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 424] close(3) = 0
[pid 424] close(4) = 0
[pid 424] mkdir("./file0", 0777) = 0
[pid 424] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 424] chdir("./file0") = 0
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 424] ioctl(4, LOOP_CLR_FD) = 0
[pid 424] close(4) = 0
[pid 424] exit_group(0) = ?
[pid 424] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=424, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs") = 0
umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/bus") = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 428
./strace-static-x86_64: Process 428 attached
[pid 428] set_robust_list(0x55557c94e660, 24) = 0
[pid 428] chdir("./26") = 0
[pid 428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 428] setpgid(0, 0) = 0
[pid 428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 428] write(3, "1000", 4) = 4
[pid 428] close(3) = 0
[pid 428] symlink("/dev/binderfs", "./binderfs") = 0
[pid 428] write(1, "executing program\n", 18) = 18
[pid 428] memfd_create("syzkaller", 0) = 3
[pid 428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[ 44.086024][ T424] loop0: detected capacity change from 0 to 1024
[ 44.101760][ T424] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[pid 428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 428] munmap(0x7f19eab8e000, 138412032) = 0
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 428] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 428] close(3) = 0
[pid 428] close(4) = 0
[pid 428] mkdir("./bus", 0777) = 0
[ 44.256170][ T428] loop0: detected capacity change from 0 to 40427
[ 44.353401][ T428] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 44.361109][ T428] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 44.370040][ T428] F2FS-fs (loop0): invalid crc value
[ 44.376358][ T428] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 44.400194][ T428] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 44.406697][ T428] F2FS-fs (loop0): Start checkpoint disabled!
[ 44.412649][ T428] attempt to access beyond end of device
[ 44.412649][ T428] loop0: rw=2049, want=40968, limit=40427
[pid 428] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 428] ioctl(3, LOOP_CLR_FD) = 0
[pid 428] close(3) = 0
[pid 428] memfd_create("syzkaller", 0) = 3
[pid 428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 428] munmap(0x7f19eab8e000, 138412032) = 0
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 428] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 428] close(3) = 0
[pid 428] close(4) = 0
[pid 428] mkdir("./file0", 0777) = 0
[ 44.562594][ T428] loop0: detected capacity change from 0 to 1024
[pid 428] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 428] chdir("./file0") = 0
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 428] ioctl(4, LOOP_CLR_FD) = 0
[pid 428] close(4) = 0
[pid 428] exit_group(0) = ?
[pid 428] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=428, si_uid=0, si_status=0, si_utime=1, si_stime=21} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs") = 0
umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/bus") = 0
[ 44.605533][ T428] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 433
./strace-static-x86_64: Process 433 attached
[pid 433] set_robust_list(0x55557c94e660, 24) = 0
[pid 433] chdir("./27") = 0
[pid 433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 433] setpgid(0, 0) = 0
[pid 433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 433] write(3, "1000", 4) = 4
[pid 433] close(3) = 0
[pid 433] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 433] write(1, "executing program\n", 18) = 18
[pid 433] memfd_create("syzkaller", 0) = 3
[pid 433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 433] munmap(0x7f19eab8e000, 138412032) = 0
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 433] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 433] close(3) = 0
[pid 433] close(4) = 0
[pid 433] mkdir("./bus", 0777) = 0
[ 44.778354][ T433] loop0: detected capacity change from 0 to 40427
[ 44.789290][ T433] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 44.797051][ T433] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 44.806041][ T433] F2FS-fs (loop0): invalid crc value
[ 44.812421][ T433] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 44.835729][ T433] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 44.842269][ T433] F2FS-fs (loop0): Start checkpoint disabled!
[ 44.848415][ T433] attempt to access beyond end of device
[ 44.848415][ T433] loop0: rw=2049, want=40968, limit=40427
[pid 433] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 433] ioctl(3, LOOP_CLR_FD) = 0
[pid 433] close(3) = 0
[pid 433] memfd_create("syzkaller", 0) = 3
[pid 433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 433] munmap(0x7f19eab8e000, 138412032) = 0
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 433] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 433] close(3) = 0
[pid 433] close(4) = 0
[pid 433] mkdir("./file0", 0777) = 0
[pid 433] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 433] chdir("./file0") = 0
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 433] ioctl(4, LOOP_CLR_FD) = 0
[pid 433] close(4) = 0
[pid 433] exit_group(0) = ?
[pid 433] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=433, si_uid=0, si_status=0, si_utime=3, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./27/binderfs") = 0
umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/bus") = 0
[ 45.001591][ T433] loop0: detected capacity change from 0 to 1024
[ 45.014985][ T433] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 438
./strace-static-x86_64: Process 438 attached
[pid 438] set_robust_list(0x55557c94e660, 24) = 0
[pid 438] chdir("./28") = 0
[pid 438] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 438] setpgid(0, 0) = 0
[pid 438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 438] write(3, "1000", 4) = 4
[pid 438] close(3) = 0
[pid 438] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 438] write(1, "executing program\n", 18) = 18
[pid 438] memfd_create("syzkaller", 0) = 3
[pid 438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 438] munmap(0x7f19eab8e000, 138412032) = 0
[pid 438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 438] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 438] close(3) = 0
[pid 438] close(4) = 0
[pid 438] mkdir("./bus", 0777) = 0
[ 45.199664][ T438] loop0: detected capacity change from 0 to 40427
[ 45.278818][ T438] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 45.286436][ T438] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 45.295441][ T438] F2FS-fs (loop0): invalid crc value
[ 45.301705][ T438] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 438] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 45.325082][ T438] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 45.331562][ T438] F2FS-fs (loop0): Start checkpoint disabled!
[ 45.337652][ T438] attempt to access beyond end of device
[ 45.337652][ T438] loop0: rw=2049, want=40968, limit=40427
[pid 438] ioctl(3, LOOP_CLR_FD) = 0
[pid 438] close(3) = 0
[pid 438] memfd_create("syzkaller", 0) = 3
[pid 438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 438] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 438] munmap(0x7f19eab8e000, 138412032) = 0
[pid 438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 438] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 438] close(3) = 0
[pid 438] close(4) = 0
[pid 438] mkdir("./file0", 0777) = 0
[ 45.455607][ T438] loop0: detected capacity change from 0 to 1024
[pid 438] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 438] chdir("./file0") = 0
[pid 438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 438] ioctl(4, LOOP_CLR_FD) = 0
[pid 438] close(4) = 0
[pid 438] exit_group(0) = ?
[pid 438] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=438, si_uid=0, si_status=0, si_utime=2, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./28/binderfs") = 0
umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/bus") = 0
[ 45.535080][ T438] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 442
./strace-static-x86_64: Process 442 attached
[pid 442] set_robust_list(0x55557c94e660, 24) = 0
[pid 442] chdir("./29") = 0
[pid 442] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 442] setpgid(0, 0) = 0
[pid 442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 442] write(3, "1000", 4) = 4
[pid 442] close(3) = 0
[pid 442] symlink("/dev/binderfs", "./binderfs") = 0
[pid 442] write(1, "executing program\n", 18) = 18
[pid 442] memfd_create("syzkaller", 0) = 3
[pid 442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 442] munmap(0x7f19eab8e000, 138412032) = 0
[pid 442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 442] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 442] close(3) = 0
[pid 442] close(4) = 0
[pid 442] mkdir("./bus", 0777) = 0
[ 45.752494][ T442] loop0: detected capacity change from 0 to 40427
[ 45.843469][ T442] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 45.851056][ T442] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 45.860369][ T442] F2FS-fs (loop0): invalid crc value
[ 45.866934][ T442] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 45.890266][ T442] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 45.896969][ T442] F2FS-fs (loop0): Start checkpoint disabled!
[ 45.903036][ T442] attempt to access beyond end of device
[ 45.903036][ T442] loop0: rw=2049, want=40968, limit=40427
[pid 442] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 442] ioctl(3, LOOP_CLR_FD) = 0
[pid 442] close(3) = 0
[pid 442] memfd_create("syzkaller", 0) = 3
[pid 442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 442] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 442] munmap(0x7f19eab8e000, 138412032) = 0
[pid 442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 442] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 442] close(3) = 0
[pid 442] close(4) = 0
[pid 442] mkdir("./file0", 0777) = 0
[ 46.052817][ T442] loop0: detected capacity change from 0 to 1024
[pid 442] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 442] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 442] chdir("./file0") = 0
[pid 442] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 442] ioctl(4, LOOP_CLR_FD) = 0
[pid 442] close(4) = 0
[pid 442] exit_group(0) = ?
[pid 442] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=442, si_uid=0, si_status=0, si_utime=2, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./29/binderfs") = 0
umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/bus") = 0
[ 46.126009][ T442] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 447
./strace-static-x86_64: Process 447 attached
[pid 447] set_robust_list(0x55557c94e660, 24) = 0
[pid 447] chdir("./30") = 0
[pid 447] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 447] setpgid(0, 0) = 0
[pid 447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 447] write(3, "1000", 4) = 4
[pid 447] close(3) = 0
[pid 447] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 447] write(1, "executing program\n", 18) = 18
[pid 447] memfd_create("syzkaller", 0) = 3
[pid 447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 447] munmap(0x7f19eab8e000, 138412032) = 0
[pid 447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 447] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 447] close(3) = 0
[pid 447] close(4) = 0
[pid 447] mkdir("./bus", 0777) = 0
[ 46.312094][ T447] loop0: detected capacity change from 0 to 40427
[ 46.364914][ T447] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 46.372633][ T447] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 46.381799][ T447] F2FS-fs (loop0): invalid crc value
[ 46.388157][ T447] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 46.411394][ T447] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 46.417901][ T447] F2FS-fs (loop0): Start checkpoint disabled!
[ 46.423933][ T447] attempt to access beyond end of device
[ 46.423933][ T447] loop0: rw=2049, want=40968, limit=40427
[pid 447] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 447] ioctl(3, LOOP_CLR_FD) = 0
[pid 447] close(3) = 0
[pid 447] memfd_create("syzkaller", 0) = 3
[pid 447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 447] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 447] munmap(0x7f19eab8e000, 138412032) = 0
[pid 447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 447] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 447] close(3) = 0
[pid 447] close(4) = 0
[pid 447] mkdir("./file0", 0777) = 0
[ 46.572219][ T447] loop0: detected capacity change from 0 to 1024
[pid 447] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 447] chdir("./file0") = 0
[pid 447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 447] ioctl(4, LOOP_CLR_FD) = 0
[pid 447] close(4) = 0
[pid 447] exit_group(0) = ?
[pid 447] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=447, si_uid=0, si_status=0, si_utime=4, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs") = 0
umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/bus") = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 452
./strace-static-x86_64: Process 452 attached
[pid 452] set_robust_list(0x55557c94e660, 24) = 0
[pid 452] chdir("./31") = 0
[pid 452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 452] setpgid(0, 0) = 0
[pid 452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 452] write(3, "1000", 4) = 4
[pid 452] close(3) = 0
[pid 452] symlink("/dev/binderfs", "./binderfs") = 0
[pid 452] write(1, "executing program\n", 18) = 18
[pid 452] memfd_create("syzkaller", 0) = 3
[pid 452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[ 46.655236][ T447] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[pid 452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 452] munmap(0x7f19eab8e000, 138412032) = 0
[pid 452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 452] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 452] close(3) = 0
[pid 452] close(4) = 0
[pid 452] mkdir("./bus", 0777) = 0
[ 46.803585][ T452] loop0: detected capacity change from 0 to 40427
[ 46.853423][ T452] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 46.861035][ T452] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 46.869976][ T452] F2FS-fs (loop0): invalid crc value
[ 46.876782][ T452] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 46.900647][ T452] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 46.907213][ T452] F2FS-fs (loop0): Start checkpoint disabled!
[ 46.913313][ T452] attempt to access beyond end of device
[ 46.913313][ T452] loop0: rw=2049, want=40968, limit=40427
[pid 452] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 452] ioctl(3, LOOP_CLR_FD) = 0
[pid 452] close(3) = 0
[pid 452] memfd_create("syzkaller", 0) = 3
[pid 452] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 452] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 452] munmap(0x7f19eab8e000, 138412032) = 0
[pid 452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 452] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 452] close(3) = 0
[pid 452] close(4) = 0
[pid 452] mkdir("./file0", 0777) = 0
[pid 452] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 452] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 452] chdir("./file0") = 0
[pid 452] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 452] ioctl(4, LOOP_CLR_FD) = 0
[pid 452] close(4) = 0
[pid 452] exit_group(0) = ?
[pid 452] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=452, si_uid=0, si_status=0, si_utime=2, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs") = 0
umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/bus") = 0
[ 47.051352][ T452] loop0: detected capacity change from 0 to 1024
[ 47.061629][ T452] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 456
./strace-static-x86_64: Process 456 attached
executing program
[pid 456] set_robust_list(0x55557c94e660, 24) = 0
[pid 456] chdir("./32") = 0
[pid 456] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 456] setpgid(0, 0) = 0
[pid 456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 456] write(3, "1000", 4) = 4
[pid 456] close(3) = 0
[pid 456] symlink("/dev/binderfs", "./binderfs") = 0
[pid 456] write(1, "executing program\n", 18) = 18
[pid 456] memfd_create("syzkaller", 0) = 3
[pid 456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 456] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 456] munmap(0x7f19eab8e000, 138412032) = 0
[pid 456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 456] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 456] close(3) = 0
[pid 456] close(4) = 0
[pid 456] mkdir("./bus", 0777) = 0
[ 47.234235][ T456] loop0: detected capacity change from 0 to 40427
[ 47.313427][ T456] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 47.321044][ T456] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 47.330378][ T456] F2FS-fs (loop0): invalid crc value
[ 47.336765][ T456] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 47.360198][ T456] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 47.366820][ T456] F2FS-fs (loop0): Start checkpoint disabled!
[ 47.372768][ T456] attempt to access beyond end of device
[ 47.372768][ T456] loop0: rw=2049, want=40968, limit=40427
[pid 456] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 456] ioctl(3, LOOP_CLR_FD) = 0
[pid 456] close(3) = 0
[pid 456] memfd_create("syzkaller", 0) = 3
[pid 456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 456] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 456] munmap(0x7f19eab8e000, 138412032) = 0
[pid 456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 456] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 456] close(3) = 0
[pid 456] close(4) = 0
[pid 456] mkdir("./file0", 0777) = 0
[ 47.523671][ T456] loop0: detected capacity change from 0 to 1024
[pid 456] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 456] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 456] chdir("./file0") = 0
[pid 456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 456] ioctl(4, LOOP_CLR_FD) = 0
[pid 456] close(4) = 0
[pid 456] exit_group(0) = ?
[pid 456] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=456, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs") = 0
umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/bus") = 0
[ 47.595354][ T456] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 461
./strace-static-x86_64: Process 461 attached
[pid 461] set_robust_list(0x55557c94e660, 24) = 0
[pid 461] chdir("./33") = 0
[pid 461] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program
) = 0
[pid 461] setpgid(0, 0) = 0
[pid 461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 461] write(3, "1000", 4) = 4
[pid 461] close(3) = 0
[pid 461] symlink("/dev/binderfs", "./binderfs") = 0
[pid 461] write(1, "executing program\n", 18) = 18
[pid 461] memfd_create("syzkaller", 0) = 3
[pid 461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 461] munmap(0x7f19eab8e000, 138412032) = 0
[pid 461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 461] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 461] close(3) = 0
[pid 461] close(4) = 0
[pid 461] mkdir("./bus", 0777) = 0
[ 47.781781][ T461] loop0: detected capacity change from 0 to 40427
[ 47.863359][ T461] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 47.870933][ T461] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 47.880107][ T461] F2FS-fs (loop0): invalid crc value
[ 47.886493][ T461] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 47.910069][ T461] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 47.916587][ T461] F2FS-fs (loop0): Start checkpoint disabled!
[ 47.922671][ T461] attempt to access beyond end of device
[ 47.922671][ T461] loop0: rw=2049, want=40968, limit=40427
[pid 461] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 461] ioctl(3, LOOP_CLR_FD) = 0
[pid 461] close(3) = 0
[pid 461] memfd_create("syzkaller", 0) = 3
[pid 461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 461] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 461] munmap(0x7f19eab8e000, 138412032) = 0
[pid 461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 461] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 461] close(3) = 0
[pid 461] close(4) = 0
[pid 461] mkdir("./file0", 0777) = 0
[ 48.072037][ T461] loop0: detected capacity change from 0 to 1024
[pid 461] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 461] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 461] chdir("./file0") = 0
[pid 461] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 461] ioctl(4, LOOP_CLR_FD) = 0
[pid 461] close(4) = 0
[pid 461] exit_group(0) = ?
[pid 461] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=461, si_uid=0, si_status=0, si_utime=4, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs") = 0
umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/bus") = 0
[ 48.145181][ T461] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 465
./strace-static-x86_64: Process 465 attached
[pid 465] set_robust_list(0x55557c94e660, 24) = 0
[pid 465] chdir("./34") = 0
[pid 465] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 465] setpgid(0, 0) = 0
[pid 465] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 465] write(3, "1000", 4) = 4
[pid 465] close(3) = 0
[pid 465] symlink("/dev/binderfs", "./binderfs") = 0
[pid 465] write(1, "executing program\n", 18executing program
) = 18
[pid 465] memfd_create("syzkaller", 0) = 3
[pid 465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 465] munmap(0x7f19eab8e000, 138412032) = 0
[pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 465] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 465] close(3) = 0
[pid 465] close(4) = 0
[pid 465] mkdir("./bus", 0777) = 0
[ 48.360688][ T465] loop0: detected capacity change from 0 to 40427
[ 48.443494][ T465] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 48.451072][ T465] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 48.460062][ T465] F2FS-fs (loop0): invalid crc value
[ 48.466601][ T465] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 48.490102][ T465] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 48.496612][ T465] F2FS-fs (loop0): Start checkpoint disabled!
[ 48.502572][ T465] attempt to access beyond end of device
[ 48.502572][ T465] loop0: rw=2049, want=40968, limit=40427
[pid 465] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 465] ioctl(3, LOOP_CLR_FD) = 0
[pid 465] close(3) = 0
[pid 465] memfd_create("syzkaller", 0) = 3
[pid 465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 465] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 465] munmap(0x7f19eab8e000, 138412032) = 0
[pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 465] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 465] close(3) = 0
[pid 465] close(4) = 0
[pid 465] mkdir("./file0", 0777) = 0
[pid 465] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 465] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 465] chdir("./file0") = 0
[pid 465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 465] ioctl(4, LOOP_CLR_FD) = 0
[pid 465] close(4) = 0
[pid 465] exit_group(0) = ?
[pid 465] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=465, si_uid=0, si_status=0, si_utime=1, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs") = 0
umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/bus") = 0
[ 48.641407][ T465] loop0: detected capacity change from 0 to 1024
[ 48.651787][ T465] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 470
./strace-static-x86_64: Process 470 attached
[pid 470] set_robust_list(0x55557c94e660, 24) = 0
[pid 470] chdir("./35") = 0
[pid 470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 470] setpgid(0, 0) = 0
[pid 470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 470] write(3, "1000", 4) = 4
[pid 470] close(3) = 0
[pid 470] symlink("/dev/binderfs", "./binderfs") = 0
[pid 470] write(1, "executing program\n", 18executing program
) = 18
[pid 470] memfd_create("syzkaller", 0) = 3
[pid 470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 470] munmap(0x7f19eab8e000, 138412032) = 0
[pid 470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 470] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 470] close(3) = 0
[pid 470] close(4) = 0
[pid 470] mkdir("./bus", 0777) = 0
[ 48.878370][ T470] loop0: detected capacity change from 0 to 40427
[ 48.973524][ T470] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 48.981160][ T470] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 48.990363][ T470] F2FS-fs (loop0): invalid crc value
[ 48.996721][ T470] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 470] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 49.020075][ T470] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 49.026562][ T470] F2FS-fs (loop0): Start checkpoint disabled!
[ 49.032721][ T470] attempt to access beyond end of device
[ 49.032721][ T470] loop0: rw=2049, want=40968, limit=40427
[pid 470] ioctl(3, LOOP_CLR_FD) = 0
[pid 470] close(3) = 0
[pid 470] memfd_create("syzkaller", 0) = 3
[pid 470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 470] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 470] munmap(0x7f19eab8e000, 138412032) = 0
[pid 470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 470] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 470] close(3) = 0
[pid 470] close(4) = 0
[pid 470] mkdir("./file0", 0777) = 0
[pid 470] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 470] chdir("./file0") = 0
[pid 470] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 470] ioctl(4, LOOP_CLR_FD) = 0
[pid 470] close(4) = 0
[pid 470] exit_group(0) = ?
[pid 470] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=470, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./35/binderfs") = 0
umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/bus") = 0
[ 49.171291][ T470] loop0: detected capacity change from 0 to 1024
[ 49.180721][ T470] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 474
./strace-static-x86_64: Process 474 attached
[pid 474] set_robust_list(0x55557c94e660, 24) = 0
[pid 474] chdir("./36"executing program
) = 0
[pid 474] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 474] setpgid(0, 0) = 0
[pid 474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 474] write(3, "1000", 4) = 4
[pid 474] close(3) = 0
[pid 474] symlink("/dev/binderfs", "./binderfs") = 0
[pid 474] write(1, "executing program\n", 18) = 18
[pid 474] memfd_create("syzkaller", 0) = 3
[pid 474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 474] munmap(0x7f19eab8e000, 138412032) = 0
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 474] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 474] close(3) = 0
[pid 474] close(4) = 0
[pid 474] mkdir("./bus", 0777) = 0
[ 49.357246][ T474] loop0: detected capacity change from 0 to 40427
[ 49.369008][ T474] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 49.376909][ T474] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 49.386349][ T474] F2FS-fs (loop0): invalid crc value
[ 49.392636][ T474] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 49.416642][ T474] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 49.423178][ T474] F2FS-fs (loop0): Start checkpoint disabled!
[ 49.429137][ T474] attempt to access beyond end of device
[ 49.429137][ T474] loop0: rw=2049, want=40968, limit=40427
[pid 474] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 474] ioctl(3, LOOP_CLR_FD) = 0
[pid 474] close(3) = 0
[pid 474] memfd_create("syzkaller", 0) = 3
[pid 474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 474] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 474] munmap(0x7f19eab8e000, 138412032) = 0
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 474] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 474] close(3) = 0
[pid 474] close(4) = 0
[pid 474] mkdir("./file0", 0777) = 0
[ 49.565103][ T474] loop0: detected capacity change from 0 to 1024
[pid 474] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 474] chdir("./file0") = 0
[pid 474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 474] ioctl(4, LOOP_CLR_FD) = 0
[pid 474] close(4) = 0
[pid 474] exit_group(0) = ?
[pid 474] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=474, si_uid=0, si_status=0, si_utime=1, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./36/binderfs") = 0
umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/bus") = 0
[ 49.616372][ T474] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 480
./strace-static-x86_64: Process 480 attached
[pid 480] set_robust_list(0x55557c94e660, 24) = 0
[pid 480] chdir("./37") = 0
[pid 480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 480] setpgid(0, 0) = 0
[pid 480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 480] write(3, "1000", 4) = 4
[pid 480] close(3) = 0
[pid 480] symlink("/dev/binderfs", "./binderfs") = 0
[pid 480] write(1, "executing program\n", 18) = 18
[pid 480] memfd_create("syzkaller", 0) = 3
[pid 480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 480] munmap(0x7f19eab8e000, 138412032) = 0
[pid 480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 480] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 480] close(3) = 0
[pid 480] close(4) = 0
[pid 480] mkdir("./bus", 0777) = 0
[ 49.837910][ T480] loop0: detected capacity change from 0 to 40427
[ 49.923387][ T480] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 49.930996][ T480] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 49.940183][ T480] F2FS-fs (loop0): invalid crc value
[ 49.946566][ T480] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 49.970653][ T480] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 49.977499][ T480] F2FS-fs (loop0): Start checkpoint disabled!
[ 49.983562][ T480] attempt to access beyond end of device
[ 49.983562][ T480] loop0: rw=2049, want=40968, limit=40427
[pid 480] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 480] ioctl(3, LOOP_CLR_FD) = 0
[pid 480] close(3) = 0
[pid 480] memfd_create("syzkaller", 0) = 3
[pid 480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 480] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 480] munmap(0x7f19eab8e000, 138412032) = 0
[pid 480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 480] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 480] close(3) = 0
[pid 480] close(4) = 0
[pid 480] mkdir("./file0", 0777) = 0
[ 50.123205][ T480] loop0: detected capacity change from 0 to 1024
[pid 480] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 480] chdir("./file0") = 0
[pid 480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 480] ioctl(4, LOOP_CLR_FD) = 0
[pid 480] close(4) = 0
[pid 480] exit_group(0) = ?
[pid 480] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=480, si_uid=0, si_status=0, si_utime=1, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./37/binderfs") = 0
umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/bus") = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
[ 50.186536][ T480] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 485
./strace-static-x86_64: Process 485 attached
[pid 485] set_robust_list(0x55557c94e660, 24) = 0
[pid 485] chdir("./38") = 0
[pid 485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 485] setpgid(0, 0) = 0
[pid 485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 485] write(3, "1000", 4) = 4
[pid 485] close(3) = 0
[pid 485] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 485] write(1, "executing program\n", 18) = 18
[pid 485] memfd_create("syzkaller", 0) = 3
[pid 485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 485] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 485] munmap(0x7f19eab8e000, 138412032) = 0
[pid 485] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 485] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 485] close(3) = 0
[pid 485] close(4) = 0
[pid 485] mkdir("./bus", 0777) = 0
[ 50.344705][ T485] loop0: detected capacity change from 0 to 40427
[ 50.358142][ T485] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 50.365923][ T485] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 50.375066][ T485] F2FS-fs (loop0): invalid crc value
[ 50.381338][ T485] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 50.404969][ T485] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 50.411686][ T485] F2FS-fs (loop0): Start checkpoint disabled!
[ 50.417924][ T485] attempt to access beyond end of device
[ 50.417924][ T485] loop0: rw=2049, want=40968, limit=40427
[pid 485] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 485] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 485] ioctl(3, LOOP_CLR_FD) = 0
[pid 485] close(3) = 0
[pid 485] memfd_create("syzkaller", 0) = 3
[pid 485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 485] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 485] munmap(0x7f19eab8e000, 138412032) = 0
[pid 485] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 485] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 485] close(3) = 0
[pid 485] close(4) = 0
[pid 485] mkdir("./file0", 0777) = 0
[ 50.562294][ T485] loop0: detected capacity change from 0 to 1024
[pid 485] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 485] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 485] chdir("./file0") = 0
[pid 485] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 485] ioctl(4, LOOP_CLR_FD) = 0
[pid 485] close(4) = 0
[pid 485] exit_group(0) = ?
[pid 485] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=485, si_uid=0, si_status=0, si_utime=3, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./38/binderfs") = 0
umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/bus") = 0
[ 50.645521][ T485] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 490
./strace-static-x86_64: Process 490 attached
[pid 490] set_robust_list(0x55557c94e660, 24) = 0
[pid 490] chdir("./39") = 0
[pid 490] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 490] setpgid(0, 0) = 0
executing program
[pid 490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 490] write(3, "1000", 4) = 4
[pid 490] close(3) = 0
[pid 490] symlink("/dev/binderfs", "./binderfs") = 0
[pid 490] write(1, "executing program\n", 18) = 18
[pid 490] memfd_create("syzkaller", 0) = 3
[pid 490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 490] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 490] munmap(0x7f19eab8e000, 138412032) = 0
[pid 490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 490] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 490] close(3) = 0
[pid 490] close(4) = 0
[pid 490] mkdir("./bus", 0777) = 0
[ 50.872582][ T490] loop0: detected capacity change from 0 to 40427
[ 50.963400][ T490] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 50.971016][ T490] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 50.980133][ T490] F2FS-fs (loop0): invalid crc value
[ 50.986485][ T490] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 51.010750][ T490] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 51.017388][ T490] F2FS-fs (loop0): Start checkpoint disabled!
[ 51.023391][ T490] attempt to access beyond end of device
[ 51.023391][ T490] loop0: rw=2049, want=40968, limit=40427
[pid 490] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 490] ioctl(3, LOOP_CLR_FD) = 0
[pid 490] close(3) = 0
[pid 490] memfd_create("syzkaller", 0) = 3
[pid 490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 490] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 490] munmap(0x7f19eab8e000, 138412032) = 0
[pid 490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 490] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 490] close(3) = 0
[pid 490] close(4) = 0
[pid 490] mkdir("./file0", 0777) = 0
[ 51.153296][ T490] loop0: detected capacity change from 0 to 1024
[pid 490] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 490] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 490] chdir("./file0") = 0
[pid 490] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 490] ioctl(4, LOOP_CLR_FD) = 0
[pid 490] close(4) = 0
[pid 490] exit_group(0) = ?
[pid 490] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=490, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./39/binderfs") = 0
umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./39/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/bus") = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
[ 51.224935][ T490] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 495
./strace-static-x86_64: Process 495 attached
[pid 495] set_robust_list(0x55557c94e660, 24) = 0
[pid 495] chdir("./40") = 0
[pid 495] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 495] setpgid(0, 0) = 0
[pid 495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 495] write(3, "1000", 4) = 4
[pid 495] close(3) = 0
[pid 495] symlink("/dev/binderfs", "./binderfs") = 0
[pid 495] write(1, "executing program\n", 18executing program
) = 18
[pid 495] memfd_create("syzkaller", 0) = 3
[pid 495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 495] munmap(0x7f19eab8e000, 138412032) = 0
[pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 495] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 495] close(3) = 0
[pid 495] close(4) = 0
[pid 495] mkdir("./bus", 0777) = 0
[ 51.389263][ T495] loop0: detected capacity change from 0 to 40427
[ 51.483336][ T495] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 51.490943][ T495] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 51.499882][ T495] F2FS-fs (loop0): invalid crc value
[ 51.506331][ T495] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 51.530136][ T495] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 51.536840][ T495] F2FS-fs (loop0): Start checkpoint disabled!
[ 51.542997][ T495] attempt to access beyond end of device
[ 51.542997][ T495] loop0: rw=2049, want=40968, limit=40427
[pid 495] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 495] ioctl(3, LOOP_CLR_FD) = 0
[pid 495] close(3) = 0
[pid 495] memfd_create("syzkaller", 0) = 3
[pid 495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 495] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 495] munmap(0x7f19eab8e000, 138412032) = 0
[pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 495] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 495] close(3) = 0
[pid 495] close(4) = 0
[pid 495] mkdir("./file0", 0777) = 0
[ 51.683288][ T495] loop0: detected capacity change from 0 to 1024
[pid 495] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 495] chdir("./file0") = 0
[pid 495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 495] ioctl(4, LOOP_CLR_FD) = 0
[pid 495] close(4) = 0
[pid 495] exit_group(0) = ?
[pid 495] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=495, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./40/binderfs") = 0
umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/bus") = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 51.765330][ T495] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 500
./strace-static-x86_64: Process 500 attached
[pid 500] set_robust_list(0x55557c94e660, 24) = 0
[pid 500] chdir("./41") = 0
[pid 500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 500] setpgid(0, 0) = 0
[pid 500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 500] write(3, "1000", 4) = 4
[pid 500] close(3) = 0
[pid 500] symlink("/dev/binderfs", "./binderfs") = 0
[pid 500] write(1, "executing program\n", 18executing program
) = 18
[pid 500] memfd_create("syzkaller", 0) = 3
[pid 500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 500] munmap(0x7f19eab8e000, 138412032) = 0
[pid 500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 500] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 500] close(3) = 0
[pid 500] close(4) = 0
[pid 500] mkdir("./bus", 0777) = 0
[ 51.928086][ T500] loop0: detected capacity change from 0 to 40427
[ 52.023381][ T500] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 52.031140][ T500] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 52.040224][ T500] F2FS-fs (loop0): invalid crc value
[ 52.046624][ T500] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 52.070177][ T500] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 52.076730][ T500] F2FS-fs (loop0): Start checkpoint disabled!
[ 52.082690][ T500] attempt to access beyond end of device
[ 52.082690][ T500] loop0: rw=2049, want=40968, limit=40427
[pid 500] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 500] ioctl(3, LOOP_CLR_FD) = 0
[pid 500] close(3) = 0
[pid 500] memfd_create("syzkaller", 0) = 3
[pid 500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 500] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 500] munmap(0x7f19eab8e000, 138412032) = 0
[pid 500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 500] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 500] close(3) = 0
[pid 500] close(4) = 0
[pid 500] mkdir("./file0", 0777) = 0
[pid 500] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 500] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 500] chdir("./file0") = 0
[pid 500] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 500] ioctl(4, LOOP_CLR_FD) = 0
[pid 500] close(4) = 0
[pid 500] exit_group(0) = ?
[pid 500] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=500, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./41/binderfs") = 0
umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/bus") = 0
[ 52.230588][ T500] loop0: detected capacity change from 0 to 1024
[ 52.240785][ T500] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 505
./strace-static-x86_64: Process 505 attached
[pid 505] set_robust_list(0x55557c94e660, 24) = 0
[pid 505] chdir("./42") = 0
[pid 505] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 505] setpgid(0, 0) = 0
[pid 505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 505] write(3, "1000", 4) = 4
[pid 505] close(3) = 0
[pid 505] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 505] write(1, "executing program\n", 18) = 18
[pid 505] memfd_create("syzkaller", 0) = 3
[pid 505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 505] munmap(0x7f19eab8e000, 138412032) = 0
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 505] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 505] close(3) = 0
[pid 505] close(4) = 0
[pid 505] mkdir("./bus", 0777) = 0
[ 52.405940][ T505] loop0: detected capacity change from 0 to 40427
[ 52.483360][ T505] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 52.490976][ T505] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 52.499905][ T505] F2FS-fs (loop0): invalid crc value
[ 52.506337][ T505] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 52.529864][ T505] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 52.536445][ T505] F2FS-fs (loop0): Start checkpoint disabled!
[ 52.542395][ T505] attempt to access beyond end of device
[ 52.542395][ T505] loop0: rw=2049, want=40968, limit=40427
[pid 505] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 505] ioctl(3, LOOP_CLR_FD) = 0
[pid 505] close(3) = 0
[pid 505] memfd_create("syzkaller", 0) = 3
[pid 505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 505] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 505] munmap(0x7f19eab8e000, 138412032) = 0
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 505] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 505] close(3) = 0
[pid 505] close(4) = 0
[pid 505] mkdir("./file0", 0777) = 0
[pid 505] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 505] chdir("./file0") = 0
[pid 505] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 505] ioctl(4, LOOP_CLR_FD) = 0
[pid 505] close(4) = 0
[pid 505] exit_group(0) = ?
[pid 505] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=505, si_uid=0, si_status=0, si_utime=2, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./42/binderfs") = 0
umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/bus") = 0
[ 52.670518][ T505] loop0: detected capacity change from 0 to 1024
[ 52.679677][ T505] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 510
./strace-static-x86_64: Process 510 attached
[pid 510] set_robust_list(0x55557c94e660, 24) = 0
[pid 510] chdir("./43") = 0
[pid 510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 510] setpgid(0, 0) = 0
[pid 510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 510] write(3, "1000", 4) = 4
[pid 510] close(3) = 0
[pid 510] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 510] write(1, "executing program\n", 18) = 18
[pid 510] memfd_create("syzkaller", 0) = 3
[pid 510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 510] munmap(0x7f19eab8e000, 138412032) = 0
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 510] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 510] close(3) = 0
[pid 510] close(4) = 0
[pid 510] mkdir("./bus", 0777) = 0
[ 52.865422][ T510] loop0: detected capacity change from 0 to 40427
[ 52.943386][ T510] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 52.951140][ T510] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 52.960084][ T510] F2FS-fs (loop0): invalid crc value
[ 52.966477][ T510] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 52.989779][ T510] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 52.996294][ T510] F2FS-fs (loop0): Start checkpoint disabled!
[ 53.002244][ T510] attempt to access beyond end of device
[ 53.002244][ T510] loop0: rw=2049, want=40968, limit=40427
[pid 510] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 510] ioctl(3, LOOP_CLR_FD) = 0
[pid 510] close(3) = 0
[pid 510] memfd_create("syzkaller", 0) = 3
[pid 510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 510] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 510] munmap(0x7f19eab8e000, 138412032) = 0
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 510] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 510] close(3) = 0
[pid 510] close(4) = 0
[pid 510] mkdir("./file0", 0777) = 0
[ 53.154853][ T510] loop0: detected capacity change from 0 to 1024
[pid 510] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 510] chdir("./file0") = 0
[pid 510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 510] ioctl(4, LOOP_CLR_FD) = 0
[pid 510] close(4) = 0
[pid 510] exit_group(0) = ?
[pid 510] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=510, si_uid=0, si_status=0, si_utime=2, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./43/binderfs") = 0
umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/bus") = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 53.225153][ T510] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 514
./strace-static-x86_64: Process 514 attached
[pid 514] set_robust_list(0x55557c94e660, 24) = 0
[pid 514] chdir("./44") = 0
[pid 514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 514] setpgid(0, 0) = 0
[pid 514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 514] write(3, "1000", 4) = 4
[pid 514] close(3) = 0
[pid 514] symlink("/dev/binderfs", "./binderfs") = 0
[pid 514] write(1, "executing program\n", 18executing program
) = 18
[pid 514] memfd_create("syzkaller", 0) = 3
[pid 514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 514] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 514] munmap(0x7f19eab8e000, 138412032) = 0
[pid 514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 514] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 514] close(3) = 0
[pid 514] close(4) = 0
[pid 514] mkdir("./bus", 0777) = 0
[ 53.389760][ T514] loop0: detected capacity change from 0 to 40427
[ 53.483400][ T514] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 53.491017][ T514] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 53.499933][ T514] F2FS-fs (loop0): invalid crc value
[ 53.506389][ T514] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 514] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 53.529479][ T514] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 53.535971][ T514] F2FS-fs (loop0): Start checkpoint disabled!
[ 53.542060][ T514] attempt to access beyond end of device
[ 53.542060][ T514] loop0: rw=2049, want=40968, limit=40427
[pid 514] ioctl(3, LOOP_CLR_FD) = 0
[pid 514] close(3) = 0
[pid 514] memfd_create("syzkaller", 0) = 3
[pid 514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 514] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 514] munmap(0x7f19eab8e000, 138412032) = 0
[pid 514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 514] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 514] close(3) = 0
[pid 514] close(4) = 0
[pid 514] mkdir("./file0", 0777) = 0
[pid 514] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 514] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 514] chdir("./file0") = 0
[pid 514] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 514] ioctl(4, LOOP_CLR_FD) = 0
[pid 514] close(4) = 0
[pid 514] exit_group(0) = ?
[pid 514] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=514, si_uid=0, si_status=0, si_utime=3, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./44/binderfs") = 0
umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/bus") = 0
[ 53.671011][ T514] loop0: detected capacity change from 0 to 1024
[ 53.679904][ T514] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x55557c94e650) = 519
./strace-static-x86_64: Process 519 attached
[pid 519] set_robust_list(0x55557c94e660, 24) = 0
[pid 519] chdir("./45") = 0
[pid 519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 519] setpgid(0, 0) = 0
[pid 519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 519] write(3, "1000", 4) = 4
[pid 519] close(3) = 0
[pid 519] symlink("/dev/binderfs", "./binderfs") = 0
[pid 519] write(1, "executing program\n", 18) = 18
[pid 519] memfd_create("syzkaller", 0) = 3
[pid 519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 519] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 519] munmap(0x7f19eab8e000, 138412032) = 0
[pid 519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 519] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 519] close(3) = 0
[pid 519] close(4) = 0
[pid 519] mkdir("./bus", 0777) = 0
[ 53.856436][ T519] loop0: detected capacity change from 0 to 40427
[ 53.953394][ T519] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 53.961008][ T519] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 53.970030][ T519] F2FS-fs (loop0): invalid crc value
[ 53.976335][ T519] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 53.999456][ T519] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 54.005964][ T519] F2FS-fs (loop0): Start checkpoint disabled!
[ 54.011914][ T519] attempt to access beyond end of device
[ 54.011914][ T519] loop0: rw=2049, want=40968, limit=40427
[pid 519] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 519] ioctl(3, LOOP_CLR_FD) = 0
[pid 519] close(3) = 0
[pid 519] memfd_create("syzkaller", 0) = 3
[pid 519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 519] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 519] munmap(0x7f19eab8e000, 138412032) = 0
[pid 519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 519] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 519] close(3) = 0
[pid 519] close(4) = 0
[pid 519] mkdir("./file0", 0777) = 0
[ 54.160263][ T519] loop0: detected capacity change from 0 to 1024
[pid 519] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 519] chdir("./file0") = 0
[pid 519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 519] ioctl(4, LOOP_CLR_FD) = 0
[pid 519] close(4) = 0
[pid 519] exit_group(0) = ?
[pid 519] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=519, si_uid=0, si_status=0, si_utime=4, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./45/binderfs") = 0
umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/bus") = 0
[ 54.235289][ T519] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 523
./strace-static-x86_64: Process 523 attached
[pid 523] set_robust_list(0x55557c94e660, 24) = 0
[pid 523] chdir("./46") = 0
[pid 523] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 523] setpgid(0, 0) = 0
[pid 523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 523] write(3, "1000", 4) = 4
[pid 523] close(3) = 0
[pid 523] symlink("/dev/binderfs", "./binderfs") = 0
[pid 523] write(1, "executing program\n", 18executing program
) = 18
[pid 523] memfd_create("syzkaller", 0) = 3
[pid 523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 523] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 523] munmap(0x7f19eab8e000, 138412032) = 0
[pid 523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 523] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 523] close(3) = 0
[pid 523] close(4) = 0
[pid 523] mkdir("./bus", 0777) = 0
[ 54.436422][ T523] loop0: detected capacity change from 0 to 40427
[ 54.533358][ T523] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 54.540977][ T523] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 54.550080][ T523] F2FS-fs (loop0): invalid crc value
[ 54.556569][ T523] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 54.579843][ T523] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 54.586330][ T523] F2FS-fs (loop0): Start checkpoint disabled!
[ 54.592398][ T523] attempt to access beyond end of device
[ 54.592398][ T523] loop0: rw=2049, want=40968, limit=40427
[pid 523] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 523] ioctl(3, LOOP_CLR_FD) = 0
[pid 523] close(3) = 0
[pid 523] memfd_create("syzkaller", 0) = 3
[pid 523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 523] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 523] munmap(0x7f19eab8e000, 138412032) = 0
[pid 523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 523] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 523] close(3) = 0
[pid 523] close(4) = 0
[pid 523] mkdir("./file0", 0777) = 0
[ 54.734677][ T523] loop0: detected capacity change from 0 to 1024
[pid 523] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 523] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 523] chdir("./file0") = 0
[pid 523] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 523] ioctl(4, LOOP_CLR_FD) = 0
[pid 523] close(4) = 0
[pid 523] exit_group(0) = ?
[pid 523] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=523, si_uid=0, si_status=0, si_utime=1, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./46/binderfs") = 0
umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/bus") = 0
[ 54.802045][ T523] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 528
./strace-static-x86_64: Process 528 attached
[pid 528] set_robust_list(0x55557c94e660, 24) = 0
[pid 528] chdir("./47") = 0
[pid 528] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 528] setpgid(0, 0) = 0
[pid 528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 528] write(3, "1000", 4) = 4
[pid 528] close(3) = 0
[pid 528] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 528] write(1, "executing program\n", 18) = 18
[pid 528] memfd_create("syzkaller", 0) = 3
[pid 528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 528] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 528] munmap(0x7f19eab8e000, 138412032) = 0
[pid 528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 528] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 528] close(3) = 0
[pid 528] close(4) = 0
[pid 528] mkdir("./bus", 0777) = 0
[ 54.994326][ T528] loop0: detected capacity change from 0 to 40427
[ 55.074756][ T528] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 55.082325][ T528] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 55.091275][ T528] F2FS-fs (loop0): invalid crc value
[ 55.097814][ T528] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 528] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 528] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 528] ioctl(4, LOOP_CLR_FD) = 0
[pid 528] close(4) = 0
[pid 528] memfd_create("syzkaller", 0) = 4
[pid 528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 528] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 528] munmap(0x7f19eab8e000, 138412032) = 0
[pid 528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 528] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 528] ioctl(5, LOOP_CLR_FD) = 0
[pid 528] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 528] close(5) = 0
[pid 528] close(4) = 0
[pid 528] exit_group(0) = ?
[pid 528] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=528, si_uid=0, si_status=0, si_utime=4, si_stime=11} ---
[ 55.121385][ T528] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 55.127943][ T528] F2FS-fs (loop0): Start checkpoint disabled!
[ 55.134970][ T528] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 55.141825][ T528] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./47/binderfs") = 0
[ 55.166083][ T528] syz-executor215 (528) used greatest stack depth: 21696 bytes left
umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./47/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 532
./strace-static-x86_64: Process 532 attached
[pid 532] set_robust_list(0x55557c94e660, 24) = 0
[pid 532] chdir("./48") = 0
[pid 532] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 532] setpgid(0, 0) = 0
[pid 532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 532] write(3, "1000", 4) = 4
[pid 532] close(3) = 0
[pid 532] symlink("/dev/binderfs", "./binderfs") = 0
[pid 532] write(1, "executing program\n", 18executing program
) = 18
[pid 532] memfd_create("syzkaller", 0) = 3
[pid 532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 532] munmap(0x7f19eab8e000, 138412032) = 0
[pid 532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 532] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 532] close(3) = 0
[pid 532] close(4) = 0
[pid 532] mkdir("./bus", 0777) = 0
[ 55.394729][ T532] loop0: detected capacity change from 0 to 40427
[ 55.473344][ T532] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 55.480973][ T532] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 55.489892][ T532] F2FS-fs (loop0): invalid crc value
[ 55.496188][ T532] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 55.519156][ T532] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 55.525630][ T532] F2FS-fs (loop0): Start checkpoint disabled!
[ 55.532085][ T532] attempt to access beyond end of device
[ 55.532085][ T532] loop0: rw=2049, want=40968, limit=40427
[pid 532] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 532] ioctl(3, LOOP_CLR_FD) = 0
[pid 532] close(3) = 0
[pid 532] memfd_create("syzkaller", 0) = 3
[pid 532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 532] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 532] munmap(0x7f19eab8e000, 138412032) = 0
[pid 532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 532] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 532] close(3) = 0
[pid 532] close(4) = 0
[pid 532] mkdir("./file0", 0777) = 0
[pid 532] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 532] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 532] chdir("./file0") = 0
[pid 532] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 532] ioctl(4, LOOP_CLR_FD) = 0
[pid 532] close(4) = 0
[pid 532] exit_group(0) = ?
[pid 532] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=532, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
[ 55.683353][ T532] loop0: detected capacity change from 0 to 1024
[ 55.696493][ T532] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./48/binderfs") = 0
umount2("./48/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./48/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/bus") = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 537
./strace-static-x86_64: Process 537 attached
[pid 537] set_robust_list(0x55557c94e660, 24) = 0
[pid 537] chdir("./49") = 0
[pid 537] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 537] setpgid(0, 0) = 0
[pid 537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 537] write(3, "1000", 4) = 4
[pid 537] close(3) = 0
[pid 537] symlink("/dev/binderfs", "./binderfs") = 0
[pid 537] write(1, "executing program\n", 18executing program
) = 18
[pid 537] memfd_create("syzkaller", 0) = 3
[pid 537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 537] munmap(0x7f19eab8e000, 138412032) = 0
[pid 537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 537] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 537] close(3) = 0
[pid 537] close(4) = 0
[pid 537] mkdir("./bus", 0777) = 0
[ 55.962844][ T537] loop0: detected capacity change from 0 to 40427
[ 56.053486][ T537] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 56.061107][ T537] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 56.070140][ T537] F2FS-fs (loop0): invalid crc value
[ 56.076576][ T537] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 56.100617][ T537] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 56.107185][ T537] F2FS-fs (loop0): Start checkpoint disabled!
[ 56.113218][ T537] attempt to access beyond end of device
[ 56.113218][ T537] loop0: rw=2049, want=40968, limit=40427
[pid 537] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 537] ioctl(3, LOOP_CLR_FD) = 0
[pid 537] close(3) = 0
[pid 537] memfd_create("syzkaller", 0) = 3
[pid 537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 537] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 537] munmap(0x7f19eab8e000, 138412032) = 0
[pid 537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 537] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 537] close(3) = 0
[pid 537] close(4) = 0
[pid 537] mkdir("./file0", 0777) = 0
[ 56.265862][ T537] loop0: detected capacity change from 0 to 1024
[pid 537] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 537] chdir("./file0") = 0
[pid 537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 537] ioctl(4, LOOP_CLR_FD) = 0
[pid 537] close(4) = 0
[pid 537] exit_group(0) = ?
[pid 537] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=537, si_uid=0, si_status=0, si_utime=2, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./49/binderfs") = 0
umount2("./49/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./49/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/bus") = 0
[ 56.335188][ T537] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 541
./strace-static-x86_64: Process 541 attached
[pid 541] set_robust_list(0x55557c94e660, 24) = 0
[pid 541] chdir("./50") = 0
[pid 541] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program
) = 0
[pid 541] setpgid(0, 0) = 0
[pid 541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 541] write(3, "1000", 4) = 4
[pid 541] close(3) = 0
[pid 541] symlink("/dev/binderfs", "./binderfs") = 0
[pid 541] write(1, "executing program\n", 18) = 18
[pid 541] memfd_create("syzkaller", 0) = 3
[pid 541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 541] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 541] munmap(0x7f19eab8e000, 138412032) = 0
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 541] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 541] close(3) = 0
[pid 541] close(4) = 0
[pid 541] mkdir("./bus", 0777) = 0
[ 56.539150][ T541] loop0: detected capacity change from 0 to 40427
[ 56.623406][ T541] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 56.631028][ T541] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 56.640095][ T541] F2FS-fs (loop0): invalid crc value
[ 56.646886][ T541] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 56.670165][ T541] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 56.676671][ T541] F2FS-fs (loop0): Start checkpoint disabled!
[ 56.682612][ T541] attempt to access beyond end of device
[ 56.682612][ T541] loop0: rw=2049, want=40968, limit=40427
[pid 541] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 541] ioctl(3, LOOP_CLR_FD) = 0
[pid 541] close(3) = 0
[pid 541] memfd_create("syzkaller", 0) = 3
[pid 541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 541] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 541] munmap(0x7f19eab8e000, 138412032) = 0
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 541] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 541] close(3) = 0
[pid 541] close(4) = 0
[pid 541] mkdir("./file0", 0777) = 0
[pid 541] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 541] chdir("./file0") = 0
[pid 541] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 541] ioctl(4, LOOP_CLR_FD) = 0
[pid 541] close(4) = 0
[pid 541] exit_group(0) = ?
[pid 541] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=541, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./50/binderfs") = 0
umount2("./50/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./50/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/bus") = 0
[ 56.833558][ T541] loop0: detected capacity change from 0 to 1024
[ 56.846409][ T541] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 547
./strace-static-x86_64: Process 547 attached
[pid 547] set_robust_list(0x55557c94e660, 24) = 0
[pid 547] chdir("./51") = 0
[pid 547] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 547] setpgid(0, 0) = 0
[pid 547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 547] write(3, "1000", 4) = 4
[pid 547] close(3) = 0
[pid 547] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 547] write(1, "executing program\n", 18) = 18
[pid 547] memfd_create("syzkaller", 0) = 3
[pid 547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 547] munmap(0x7f19eab8e000, 138412032) = 0
[pid 547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 547] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 547] close(3) = 0
[pid 547] close(4) = 0
[pid 547] mkdir("./bus", 0777) = 0
[ 57.044394][ T547] loop0: detected capacity change from 0 to 40427
[ 57.124919][ T547] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 57.132488][ T547] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 57.141785][ T547] F2FS-fs (loop0): invalid crc value
[ 57.148132][ T547] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 547] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 57.171622][ T547] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 57.178231][ T547] F2FS-fs (loop0): Start checkpoint disabled!
[ 57.184466][ T547] attempt to access beyond end of device
[ 57.184466][ T547] loop0: rw=2049, want=40968, limit=40427
[pid 547] ioctl(3, LOOP_CLR_FD) = 0
[pid 547] close(3) = 0
[pid 547] memfd_create("syzkaller", 0) = 3
[pid 547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 547] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 547] munmap(0x7f19eab8e000, 138412032) = 0
[pid 547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 547] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 547] close(3) = 0
[pid 547] close(4) = 0
[pid 547] mkdir("./file0", 0777) = 0
[ 57.300899][ T547] loop0: detected capacity change from 0 to 1024
[ 57.310171][ T547] ==================================================================
[ 57.318066][ T547] BUG: KASAN: use-after-free in __ext4_iget+0x2ee/0x3ef0
[ 57.324920][ T547] Read of size 8 at addr ffff88812716a358 by task syz-executor215/547
[ 57.332916][ T547]
[ 57.335075][ T547] CPU: 1 PID: 547 Comm: syz-executor215 Not tainted 5.15.178-syzkaller-00034-g5e1b899f19c3 #0
[ 57.345143][ T547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 57.355047][ T547] Call Trace:
[ 57.358161][ T547] <TASK>
[ 57.360939][ T547] dump_stack_lvl+0x151/0x1c0
[ 57.365479][ T547] ? io_uring_drop_tctx_refs+0x190/0x190
[ 57.371005][ T547] ? panic+0x760/0x760
[ 57.375000][ T547] ? __kasan_check_write+0x14/0x20
[ 57.380044][ T547] print_address_description+0x87/0x3b0
[ 57.385501][ T547] ? __se_sys_mount+0x2c4/0x3b0
[ 57.390189][ T547] ? __x64_sys_mount+0xbf/0xd0
[ 57.395135][ T547] kasan_report+0x179/0x1c0
[ 57.399474][ T547] ? __ext4_iget+0x2ee/0x3ef0
[ 57.404013][ T547] ? __ext4_iget+0x2ee/0x3ef0
[ 57.408498][ T547] __asan_report_load8_noabort+0x14/0x20
[ 57.413965][ T547] __ext4_iget+0x2ee/0x3ef0
[ 57.418306][ T547] ? xas_nomem+0x19a/0x1d0
[ 57.422561][ T547] ? ida_alloc_range+0x9fd/0xa80
[ 57.427335][ T547] ? __kasan_kmalloc+0x9/0x10
[ 57.432257][ T547] ? ext4_get_projid+0x140/0x140
[ 57.436970][ T547] ? __kasan_check_write+0x14/0x20
[ 57.441917][ T547] ? _raw_write_lock+0xa4/0x170
[ 57.446603][ T547] ? __proc_create+0x65a/0xa00
[ 57.451206][ T547] ? ext4_init_orphan_info+0x161/0x1080
[ 57.456586][ T547] ext4_enable_quotas+0x556/0x980
[ 57.461444][ T547] ? ext4_force_commit+0xc0/0xc0
[ 57.466306][ T547] ? proc_create+0x2b0/0x2b0
[ 57.470755][ T547] ? ext4_register_sysfs+0x281/0x2c0
[ 57.475853][ T547] ext4_fill_super+0x8b95/0x96e0
[ 57.480637][ T547] ? ext4_mount+0x40/0x40
[ 57.484801][ T547] ? vscnprintf+0x80/0x80
[ 57.488966][ T547] ? set_blocksize+0x1f0/0x380
[ 57.493558][ T547] ? sb_set_blocksize+0xa8/0xf0
[ 57.498244][ T547] mount_bdev+0x282/0x3b0
[ 57.502410][ T547] ? ext4_mount+0x40/0x40
[ 57.506578][ T547] ext4_mount+0x34/0x40
[ 57.510568][ T547] legacy_get_tree+0xf1/0x190
[ 57.515083][ T547] ? ext4_errno_to_code+0x140/0x140
[ 57.520118][ T547] vfs_get_tree+0x88/0x290
[ 57.524370][ T547] do_new_mount+0x2ba/0xb30
[ 57.528718][ T547] ? do_move_mount_old+0x160/0x160
[ 57.534002][ T547] ? security_capable+0x87/0xb0
[ 57.538784][ T547] ? ns_capable+0x89/0xe0
[ 57.542949][ T547] path_mount+0x671/0x1070
[ 57.547215][ T547] __se_sys_mount+0x2c4/0x3b0
[ 57.551720][ T547] ? __x64_sys_mount+0xd0/0xd0
[ 57.556313][ T547] ? __kasan_check_write+0x14/0x20
[ 57.561258][ T547] __x64_sys_mount+0xbf/0xd0
[ 57.565683][ T547] x64_sys_call+0x49d/0x9a0
[ 57.570022][ T547] do_syscall_64+0x3b/0xb0
[ 57.574275][ T547] ? clear_bhb_loop+0x35/0x90
[ 57.579228][ T547] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.584957][ T547] RIP: 0033:0x7f19f2fce82a
[ 57.589292][ T547] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 57.609171][ T547] RSP: 002b:00007ffcc0f5a988 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
[ 57.617417][ T547] RAX: ffffffffffffffda RBX: 00007ffcc0f5a9e0 RCX: 00007f19f2fce82a
[ 57.625222][ T547] RDX: 0000200000000580 RSI: 00002000000005c0 RDI: 00007ffcc0f5a9e0
[ 57.633037][ T547] RBP: 00002000000005c0 R08: 00007ffcc0f5aa20 R09: 000000000000054a
[ 57.640845][ T547] R10: 0000000000000000 R11: 0000000000000202 R12: 0000200000000580
[ 57.648656][ T547] R13: 00007ffcc0f5aa20 R14: 0000000000000550 R15: 0000200000000600
[ 57.656493][ T547] </TASK>
[ 57.659424][ T547]
[ 57.661597][ T547] Allocated by task 363:
[ 57.665669][ T547] __kasan_slab_alloc+0xb1/0xe0
[ 57.670352][ T547] slab_post_alloc_hook+0x53/0x2c0
[ 57.675447][ T547] kmem_cache_alloc+0xf5/0x250
[ 57.680047][ T547] f2fs_alloc_inode+0x26/0x340
[ 57.684740][ T547] iget_locked+0x174/0x860
[ 57.688988][ T547] f2fs_iget+0x55/0x4fe0
[ 57.693067][ T547] f2fs_fill_super+0x4f0f/0x8190
[ 57.697840][ T547] mount_bdev+0x282/0x3b0
[ 57.702002][ T547] f2fs_mount+0x34/0x40
[ 57.706101][ T547] legacy_get_tree+0xf1/0x190
[ 57.710749][ T547] vfs_get_tree+0x88/0x290
[ 57.714999][ T547] do_new_mount+0x2ba/0xb30
[ 57.719441][ T547] path_mount+0x671/0x1070
[ 57.723971][ T547] __se_sys_mount+0x2c4/0x3b0
[ 57.728480][ T547] __x64_sys_mount+0xbf/0xd0
[ 57.732912][ T547] x64_sys_call+0x49d/0x9a0
[ 57.737242][ T547] do_syscall_64+0x3b/0xb0
[ 57.741492][ T547] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.747223][ T547]
[ 57.749394][ T547] Freed by task 0:
[ 57.752953][ T547] kasan_set_track+0x4b/0x70
[ 57.757382][ T547] kasan_set_free_info+0x23/0x40
[ 57.762166][ T547] ____kasan_slab_free+0x126/0x160
[ 57.767150][ T547] __kasan_slab_free+0x11/0x20
[ 57.771698][ T547] slab_free_freelist_hook+0xbd/0x190
[ 57.776907][ T547] kmem_cache_free+0x115/0x330
[ 57.781504][ T547] f2fs_free_inode+0x24/0x30
[ 57.785933][ T547] i_callback+0x4b/0x70
[ 57.789924][ T547] rcu_do_batch+0x57a/0xc10
[ 57.794264][ T547] rcu_core+0x517/0x1020
[ 57.798344][ T547] rcu_core_si+0x9/0x10
[ 57.802336][ T547] handle_softirqs+0x25e/0x5c0
[ 57.806937][ T547] __irq_exit_rcu+0x52/0xf0
[ 57.811276][ T547] irq_exit_rcu+0x9/0x10
[ 57.815356][ T547] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 57.820825][ T547] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 57.826638][ T547]
[ 57.828808][ T547] Last potentially related work creation:
[ 57.834539][ T547] kasan_save_stack+0x3b/0x60
[ 57.839053][ T547] __kasan_record_aux_stack+0xd3/0xf0
[ 57.844378][ T547] kasan_record_aux_stack_noalloc+0xb/0x10
[ 57.849987][ T547] call_rcu+0x123/0x10b0
[ 57.854067][ T547] evict+0x87d/0x930
[ 57.857804][ T547] iput+0x63b/0x7e0
[ 57.861550][ T547] f2fs_fill_super+0x6b2a/0x8190
[ 57.866314][ T547] mount_bdev+0x282/0x3b0
[ 57.870482][ T547] f2fs_mount+0x34/0x40
[ 57.874474][ T547] legacy_get_tree+0xf1/0x190
[ 57.878990][ T547] vfs_get_tree+0x88/0x290
[ 57.883240][ T547] do_new_mount+0x2ba/0xb30
[ 57.887665][ T547] path_mount+0x671/0x1070
[ 57.891918][ T547] __se_sys_mount+0x2c4/0x3b0
[ 57.896434][ T547] __x64_sys_mount+0xbf/0xd0
[ 57.900865][ T547] x64_sys_call+0x49d/0x9a0
[ 57.905204][ T547] do_syscall_64+0x3b/0xb0
[ 57.909453][ T547] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.915183][ T547]
[ 57.917359][ T547] The buggy address belongs to the object at ffff888127169e50
[ 57.917359][ T547] which belongs to the cache f2fs_inode_cache of size 1424
[ 57.931758][ T547] The buggy address is located 1288 bytes inside of
[ 57.931758][ T547] 1424-byte region [ffff888127169e50, ffff88812716a3e0)
[ 57.945041][ T547] The buggy address belongs to the page:
[ 57.950514][ T547] page:ffffea00049c5a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x127168
[ 57.960576][ T547] head:ffffea00049c5a00 order:3 compound_mapcount:0 compound_pincount:0
[ 57.968744][ T547] flags: 0x4000000000010200(slab|head|zone=1)
[ 57.974646][ T547] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888107fb3e00
[ 57.983237][ T547] raw: 0000000000000000 0000000000150015 00000001ffffffff 0000000000000000
[ 57.991645][ T547] page dumped because: kasan: bad access detected
[ 57.997902][ T547] page_owner tracks the page as allocated
[ 58.003457][ T547] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 359, ts 36089275798, free_ts 0
[ 58.022371][ T547] post_alloc_hook+0x1a3/0x1b0
[ 58.026973][ T547] prep_new_page+0x1b/0x110
[ 58.031317][ T547] get_page_from_freelist+0x3550/0x35d0
[ 58.036693][ T547] __alloc_pages+0x27e/0x8f0
[ 58.041233][ T547] new_slab+0x9a/0x4e0
[ 58.045143][ T547] ___slab_alloc+0x39e/0x830
[ 58.049566][ T547] __slab_alloc+0x4a/0x90
[ 58.053764][ T547] kmem_cache_alloc+0x139/0x250
[ 58.058419][ T547] f2fs_alloc_inode+0x26/0x340
[ 58.063027][ T547] iget_locked+0x174/0x860
[ 58.067276][ T547] f2fs_iget+0x55/0x4fe0
[ 58.071359][ T547] f2fs_fill_super+0x6783/0x8190
[ 58.076306][ T547] mount_bdev+0x282/0x3b0
[ 58.080473][ T547] f2fs_mount+0x34/0x40
[ 58.084480][ T547] legacy_get_tree+0xf1/0x190
[ 58.088975][ T547] vfs_get_tree+0x88/0x290
[ 58.093227][ T547] page_owner free stack trace missing
[ 58.098437][ T547]
[ 58.100612][ T547] Memory state around the buggy address:
[ 58.106078][ T547] ffff88812716a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.114057][ T547] ffff88812716a280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.121961][ T547] >ffff88812716a300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.129943][ T547] ^
[ 58.136728][ T547] ffff88812716a380: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 58.144888][ T547] ffff88812716a400: fc fc fc fc fc fc fc fc fc fc fc fc 00 00 00 00
[ 58.152763][ T547] ==================================================================
[ 58.160759][ T547] Disabling lock debugging due to kernel taint
[ 58.166952][ T547] EXT4-fs warning (device loop0): ext4_enable_quotas:6423: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 58.181356][ T30] audit: type=1400 audit(1743533739.575:73): avc: denied { remove_name } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 58.203484][ T30] audit: type=1400 audit(1743533739.575:74): avc: denied { rename } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 58.203941][ T547] EXT4-fs (loop0): mount failed
[pid 547] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = -1 EACCES (Permission denied)
[pid 547] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 547] ioctl(3, LOOP_CLR_FD) = 0
[pid 547] close(3) = 0
[pid 547] exit_group(0) = ?
[pid 547] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=547, si_uid=0, si_status=0, si_utime=3, si_stime=20} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./51/binderfs") = 0
umount2("./51/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./51/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/bus") = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 552 attached
<unfinished ...>
[pid 552] set_robust_list(0x55557c94e660, 24) = 0
[pid 552] chdir("./52" <unfinished ...>
[pid 302] <... clone resumed>, child_tidptr=0x55557c94e650) = 552
[pid 552] <... chdir resumed>) = 0
[pid 552] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 552] setpgid(0, 0) = 0
[pid 552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 552] write(3, "1000", 4) = 4
[pid 552] close(3) = 0
[pid 552] symlink("/dev/binderfs", "./binderfs") = 0
[pid 552] write(1, "executing program\n", 18executing program
) = 18
[pid 552] memfd_create("syzkaller", 0) = 3
[pid 552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 552] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 552] munmap(0x7f19eab8e000, 138412032) = 0
[pid 552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 552] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 552] close(3) = 0
[pid 552] close(4) = 0
[pid 552] mkdir("./bus", 0777) = 0
[ 58.445062][ T552] loop0: detected capacity change from 0 to 40427
[ 58.556908][ T552] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 58.564559][ T552] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 58.573634][ T552] F2FS-fs (loop0): invalid crc value
[ 58.580518][ T552] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 552] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 552] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 552] ioctl(4, LOOP_CLR_FD) = 0
[pid 552] close(4) = 0
[pid 552] memfd_create("syzkaller", 0) = 4
[pid 552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 552] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 552] munmap(0x7f19eab8e000, 138412032) = 0
[pid 552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 552] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 552] ioctl(5, LOOP_CLR_FD) = 0
[pid 552] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 552] close(5) = 0
[pid 552] close(4) = 0
[pid 552] exit_group(0) = ?
[pid 552] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=552, si_uid=0, si_status=0, si_utime=4, si_stime=11} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./52/binderfs") = 0
[ 58.603813][ T552] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 58.610747][ T552] F2FS-fs (loop0): Start checkpoint disabled!
[ 58.617790][ T552] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 58.624756][ T552] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
umount2("./52/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./52/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./52/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 557
./strace-static-x86_64: Process 557 attached
[pid 557] set_robust_list(0x55557c94e660, 24) = 0
[pid 557] chdir("./53") = 0
[pid 557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 557] setpgid(0, 0) = 0
[pid 557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 557] write(3, "1000", 4) = 4
[pid 557] close(3) = 0
[pid 557] symlink("/dev/binderfs", "./binderfs") = 0
[pid 557] write(1, "executing program\n", 18executing program
) = 18
[pid 557] memfd_create("syzkaller", 0) = 3
[pid 557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 557] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 557] munmap(0x7f19eab8e000, 138412032) = 0
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 557] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 557] close(3) = 0
[pid 557] close(4) = 0
[pid 557] mkdir("./bus", 0777) = 0
[ 58.913641][ T557] loop0: detected capacity change from 0 to 40427
[ 58.924106][ T557] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 58.931669][ T557] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 58.940663][ T557] F2FS-fs (loop0): invalid crc value
[ 58.946987][ T557] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 58.970335][ T557] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 58.976858][ T557] F2FS-fs (loop0): Start checkpoint disabled!
[ 58.983099][ T557] attempt to access beyond end of device
[ 58.983099][ T557] loop0: rw=2049, want=40968, limit=40427
[pid 557] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 557] ioctl(3, LOOP_CLR_FD) = 0
[pid 557] close(3) = 0
[pid 557] memfd_create("syzkaller", 0) = 3
[pid 557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 557] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 557] munmap(0x7f19eab8e000, 138412032) = 0
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 557] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 557] close(3) = 0
[pid 557] close(4) = 0
[pid 557] mkdir("./file0", 0777) = 0
[ 59.134891][ T557] loop0: detected capacity change from 0 to 1024
[pid 557] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 557] chdir("./file0") = 0
[pid 557] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 557] ioctl(4, LOOP_CLR_FD) = 0
[pid 557] close(4) = 0
[pid 557] exit_group(0) = ?
[pid 557] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=557, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./53/binderfs") = 0
umount2("./53/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./53/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/bus") = 0
[ 59.205411][ T557] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 561
./strace-static-x86_64: Process 561 attached
[pid 561] set_robust_list(0x55557c94e660, 24) = 0
[pid 561] chdir("./54") = 0
[pid 561] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 561] setpgid(0, 0) = 0
[pid 561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 561] write(3, "1000", 4) = 4
[pid 561] close(3) = 0
[pid 561] symlink("/dev/binderfs", "./binderfs") = 0
[pid 561] write(1, "executing program\n", 18executing program
) = 18
[pid 561] memfd_create("syzkaller", 0) = 3
[pid 561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 561] munmap(0x7f19eab8e000, 138412032) = 0
[pid 561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 561] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 561] close(3) = 0
[pid 561] close(4) = 0
[pid 561] mkdir("./bus", 0777) = 0
[ 59.407609][ T561] loop0: detected capacity change from 0 to 40427
[ 59.418391][ T561] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 59.426098][ T561] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 59.435184][ T561] F2FS-fs (loop0): invalid crc value
[ 59.441453][ T561] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 561] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 59.464686][ T561] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 59.471173][ T561] F2FS-fs (loop0): Start checkpoint disabled!
[ 59.477176][ T561] attempt to access beyond end of device
[ 59.477176][ T561] loop0: rw=2049, want=40968, limit=40427
[pid 561] ioctl(3, LOOP_CLR_FD) = 0
[pid 561] close(3) = 0
[pid 561] memfd_create("syzkaller", 0) = 3
[pid 561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 561] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 561] munmap(0x7f19eab8e000, 138412032) = 0
[pid 561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 561] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 561] close(3) = 0
[pid 561] close(4) = 0
[pid 561] mkdir("./file0", 0777) = 0
[ 59.603019][ T561] loop0: detected capacity change from 0 to 1024
[ 59.674744][ T561] EXT4-fs error (device loop0): ext4_quota_enable:6379: inode #3: comm syz-executor215: unexpected EA_INODE flag
[ 59.686742][ T561] EXT4-fs error (device loop0): ext4_quota_enable:6382: comm syz-executor215: Bad quota inode: 3, type: 0
[ 59.698111][ T561] EXT4-fs warning (device loop0): ext4_enable_quotas:6423: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[ 59.712995][ T561] EXT4-fs (loop0): mount failed
[pid 561] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = -1 EUCLEAN (Structure needs cleaning)
[pid 561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 561] ioctl(3, LOOP_CLR_FD) = 0
[pid 561] close(3) = 0
[pid 561] exit_group(0) = ?
[pid 561] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=561, si_uid=0, si_status=0, si_utime=0, si_stime=25} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./54/binderfs") = 0
umount2("./54/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./54/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/bus") = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 566
./strace-static-x86_64: Process 566 attached
[pid 566] set_robust_list(0x55557c94e660, 24) = 0
[pid 566] chdir("./55") = 0
[pid 566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 566] setpgid(0, 0) = 0
[pid 566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 566] write(3, "1000", 4) = 4
[pid 566] close(3) = 0
[pid 566] symlink("/dev/binderfs", "./binderfs") = 0
[pid 566] write(1, "executing program\n", 18executing program
) = 18
[pid 566] memfd_create("syzkaller", 0) = 3
[pid 566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 566] munmap(0x7f19eab8e000, 138412032) = 0
[pid 566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 566] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 566] close(3) = 0
[pid 566] close(4) = 0
[pid 566] mkdir("./bus", 0777) = 0
[ 59.911846][ T566] loop0: detected capacity change from 0 to 40427
[ 59.922380][ T566] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 59.930004][ T566] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 59.938923][ T566] F2FS-fs (loop0): invalid crc value
[ 59.945427][ T566] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 59.968834][ T566] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 59.975440][ T566] F2FS-fs (loop0): Start checkpoint disabled!
[ 59.981590][ T566] attempt to access beyond end of device
[ 59.981590][ T566] loop0: rw=2049, want=40968, limit=40427
[pid 566] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 566] ioctl(3, LOOP_CLR_FD) = 0
[pid 566] close(3) = 0
[pid 566] memfd_create("syzkaller", 0) = 3
[pid 566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 566] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 566] munmap(0x7f19eab8e000, 138412032) = 0
[pid 566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 566] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 566] close(3) = 0
[pid 566] close(4) = 0
[pid 566] mkdir("./file0", 0777) = 0
[pid 566] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 566] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 566] chdir("./file0") = 0
[pid 566] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 566] ioctl(4, LOOP_CLR_FD) = 0
[pid 566] close(4) = 0
[pid 566] exit_group(0) = ?
[pid 566] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=566, si_uid=0, si_status=0, si_utime=3, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./55/binderfs") = 0
umount2("./55/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./55/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/bus") = 0
[ 60.134829][ T566] loop0: detected capacity change from 0 to 1024
[ 60.157019][ T566] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 570
./strace-static-x86_64: Process 570 attached
[pid 570] set_robust_list(0x55557c94e660, 24) = 0
[pid 570] chdir("./56") = 0
[pid 570] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 570] setpgid(0, 0) = 0
[pid 570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 570] write(3, "1000", 4) = 4
[pid 570] close(3) = 0
[pid 570] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 570] write(1, "executing program\n", 18) = 18
[pid 570] memfd_create("syzkaller", 0) = 3
[pid 570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 570] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 570] munmap(0x7f19eab8e000, 138412032) = 0
[pid 570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 570] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 570] close(3) = 0
[pid 570] close(4) = 0
[pid 570] mkdir("./bus", 0777) = 0
[ 60.326239][ T570] loop0: detected capacity change from 0 to 40427
[ 60.423406][ T570] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 60.431027][ T570] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 60.440213][ T570] F2FS-fs (loop0): invalid crc value
[ 60.446483][ T570] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 570] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 60.469710][ T570] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 60.476210][ T570] F2FS-fs (loop0): Start checkpoint disabled!
[ 60.482162][ T570] attempt to access beyond end of device
[ 60.482162][ T570] loop0: rw=2049, want=40968, limit=40427
[pid 570] ioctl(3, LOOP_CLR_FD) = 0
[pid 570] close(3) = 0
[pid 570] memfd_create("syzkaller", 0) = 3
[pid 570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 570] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 570] munmap(0x7f19eab8e000, 138412032) = 0
[pid 570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 570] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 570] close(3) = 0
[pid 570] close(4) = 0
[pid 570] mkdir("./file0", 0777) = 0
[ 60.613316][ T570] loop0: detected capacity change from 0 to 1024
[pid 570] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 570] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 570] chdir("./file0") = 0
[pid 570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 570] ioctl(4, LOOP_CLR_FD) = 0
[pid 570] close(4) = 0
[pid 570] exit_group(0) = ?
[pid 570] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=570, si_uid=0, si_status=0, si_utime=3, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./56/binderfs") = 0
umount2("./56/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./56/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/bus") = 0
[ 60.685363][ T570] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 575 attached
<unfinished ...>
[pid 575] set_robust_list(0x55557c94e660, 24) = 0
[pid 575] chdir("./57") = 0
[pid 575] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 575] setpgid(0, 0) = 0
[pid 575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 575] write(3, "1000", 4 <unfinished ...>
[pid 302] <... clone resumed>, child_tidptr=0x55557c94e650) = 575
[pid 575] <... write resumed>) = 4
[pid 575] close(3) = 0
[pid 575] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 575] write(1, "executing program\n", 18) = 18
[pid 575] memfd_create("syzkaller", 0) = 3
[pid 575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 575] munmap(0x7f19eab8e000, 138412032) = 0
[pid 575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 575] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 575] close(3) = 0
[pid 575] close(4) = 0
[pid 575] mkdir("./bus", 0777) = 0
[ 60.899841][ T575] loop0: detected capacity change from 0 to 40427
[ 60.993450][ T575] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 61.001077][ T575] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 61.010065][ T575] F2FS-fs (loop0): invalid crc value
[ 61.016303][ T575] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 61.039332][ T575] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 61.045948][ T575] F2FS-fs (loop0): Start checkpoint disabled!
[ 61.052102][ T575] attempt to access beyond end of device
[ 61.052102][ T575] loop0: rw=2049, want=40968, limit=40427
[pid 575] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 575] ioctl(3, LOOP_CLR_FD) = 0
[pid 575] close(3) = 0
[pid 575] memfd_create("syzkaller", 0) = 3
[pid 575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 575] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 575] munmap(0x7f19eab8e000, 138412032) = 0
[pid 575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 575] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 575] close(3) = 0
[pid 575] close(4) = 0
[pid 575] mkdir("./file0", 0777) = 0
[ 61.201327][ T575] loop0: detected capacity change from 0 to 1024
[pid 575] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 575] chdir("./file0") = 0
[pid 575] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 575] ioctl(4, LOOP_CLR_FD) = 0
[pid 575] close(4) = 0
[pid 575] exit_group(0) = ?
[pid 575] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=575, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./57/binderfs") = 0
umount2("./57/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./57/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/bus") = 0
[ 61.295279][ T575] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 580
./strace-static-x86_64: Process 580 attached
[pid 580] set_robust_list(0x55557c94e660, 24) = 0
[pid 580] chdir("./58") = 0
[pid 580] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 580] setpgid(0, 0) = 0
[pid 580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 580] write(3, "1000", 4) = 4
[pid 580] close(3) = 0
[pid 580] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 580] write(1, "executing program\n", 18) = 18
[pid 580] memfd_create("syzkaller", 0) = 3
[pid 580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 580] munmap(0x7f19eab8e000, 138412032) = 0
[pid 580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 580] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 580] close(3) = 0
[pid 580] close(4) = 0
[pid 580] mkdir("./bus", 0777) = 0
[ 61.477724][ T580] loop0: detected capacity change from 0 to 40427
[ 61.559106][ T580] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 61.566800][ T580] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 61.575776][ T580] F2FS-fs (loop0): invalid crc value
[ 61.582398][ T580] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 61.606005][ T580] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 61.612659][ T580] F2FS-fs (loop0): Start checkpoint disabled!
[ 61.618704][ T580] attempt to access beyond end of device
[ 61.618704][ T580] loop0: rw=2049, want=40968, limit=40427
[pid 580] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 580] ioctl(3, LOOP_CLR_FD) = 0
[pid 580] close(3) = 0
[pid 580] memfd_create("syzkaller", 0) = 3
[pid 580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 580] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 580] munmap(0x7f19eab8e000, 138412032) = 0
[pid 580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 580] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 580] close(3) = 0
[pid 580] close(4) = 0
[pid 580] mkdir("./file0", 0777) = 0
[ 61.754810][ T580] loop0: detected capacity change from 0 to 1024
[pid 580] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 580] chdir("./file0") = 0
[pid 580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 580] ioctl(4, LOOP_CLR_FD) = 0
[pid 580] close(4) = 0
[pid 580] exit_group(0) = ?
[pid 580] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=580, si_uid=0, si_status=0, si_utime=3, si_stime=17} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./58/binderfs") = 0
umount2("./58/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./58/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/bus") = 0
[ 61.825452][ T580] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 585
./strace-static-x86_64: Process 585 attached
[pid 585] set_robust_list(0x55557c94e660, 24) = 0
[pid 585] chdir("./59") = 0
[pid 585] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 585] setpgid(0, 0) = 0
[pid 585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 585] write(3, "1000", 4) = 4
[pid 585] close(3) = 0
[pid 585] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 585] write(1, "executing program\n", 18) = 18
[pid 585] memfd_create("syzkaller", 0) = 3
[pid 585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 585] munmap(0x7f19eab8e000, 138412032) = 0
[pid 585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 585] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 585] close(3) = 0
[pid 585] close(4) = 0
[pid 585] mkdir("./bus", 0777) = 0
[ 62.041678][ T585] loop0: detected capacity change from 0 to 40427
[ 62.143377][ T585] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 62.150955][ T585] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 62.160675][ T585] F2FS-fs (loop0): invalid crc value
[ 62.167610][ T585] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 62.191419][ T585] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 62.198140][ T585] F2FS-fs (loop0): Start checkpoint disabled!
[ 62.204359][ T585] attempt to access beyond end of device
[ 62.204359][ T585] loop0: rw=2049, want=40968, limit=40427
[pid 585] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 585] ioctl(3, LOOP_CLR_FD) = 0
[pid 585] close(3) = 0
[pid 585] memfd_create("syzkaller", 0) = 3
[pid 585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 585] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 585] munmap(0x7f19eab8e000, 138412032) = 0
[pid 585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 585] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 585] close(3) = 0
[pid 585] close(4) = 0
[pid 585] mkdir("./file0", 0777) = 0
[ 62.353738][ T585] loop0: detected capacity change from 0 to 1024
[pid 585] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 585] chdir("./file0") = 0
[pid 585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 585] ioctl(4, LOOP_CLR_FD) = 0
[pid 585] close(4) = 0
[pid 585] exit_group(0) = ?
[pid 585] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=585, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./59/binderfs") = 0
umount2("./59/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./59/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/bus") = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 589
./strace-static-x86_64: Process 589 attached
[pid 589] set_robust_list(0x55557c94e660, 24) = 0
[pid 589] chdir("./60") = 0
[pid 589] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 589] setpgid(0, 0) = 0
[pid 589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 589] write(3, "1000", 4) = 4
[pid 589] close(3) = 0
[pid 589] symlink("/dev/binderfs", "./binderfs") = 0
[pid 589] write(1, "executing program\n", 18executing program
) = 18
[pid 589] memfd_create("syzkaller", 0) = 3
[pid 589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[ 62.425392][ T585] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[pid 589] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 589] munmap(0x7f19eab8e000, 138412032) = 0
[pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 589] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 589] close(3) = 0
[pid 589] close(4) = 0
[pid 589] mkdir("./bus", 0777) = 0
[ 62.574816][ T589] loop0: detected capacity change from 0 to 40427
[ 62.635583][ T589] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 62.643189][ T589] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 62.652168][ T589] F2FS-fs (loop0): invalid crc value
[ 62.658442][ T589] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 62.681752][ T589] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 62.688488][ T589] F2FS-fs (loop0): Start checkpoint disabled!
[ 62.694609][ T589] attempt to access beyond end of device
[ 62.694609][ T589] loop0: rw=2049, want=40968, limit=40427
[pid 589] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 589] ioctl(3, LOOP_CLR_FD) = 0
[pid 589] close(3) = 0
[pid 589] memfd_create("syzkaller", 0) = 3
[pid 589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 589] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 589] munmap(0x7f19eab8e000, 138412032) = 0
[pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 589] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 589] close(3) = 0
[pid 589] close(4) = 0
[pid 589] mkdir("./file0", 0777) = 0
[ 62.833370][ T589] loop0: detected capacity change from 0 to 1024
[pid 589] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 589] chdir("./file0") = 0
[pid 589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 589] ioctl(4, LOOP_CLR_FD) = 0
[pid 589] close(4) = 0
[pid 589] exit_group(0) = ?
[pid 589] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=589, si_uid=0, si_status=0, si_utime=2, si_stime=18} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./60/binderfs") = 0
umount2("./60/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./60/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./60/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/bus") = 0
[ 62.935697][ T589] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 594
./strace-static-x86_64: Process 594 attached
[pid 594] set_robust_list(0x55557c94e660, 24) = 0
[pid 594] chdir("./61") = 0
[pid 594] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 594] setpgid(0, 0) = 0
[pid 594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 594] write(3, "1000", 4) = 4
[pid 594] close(3) = 0
[pid 594] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 594] write(1, "executing program\n", 18) = 18
[pid 594] memfd_create("syzkaller", 0) = 3
[pid 594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 594] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 594] munmap(0x7f19eab8e000, 138412032) = 0
[pid 594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 594] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 594] close(3) = 0
[pid 594] close(4) = 0
[pid 594] mkdir("./bus", 0777) = 0
[ 63.155689][ T594] loop0: detected capacity change from 0 to 40427
[ 63.233442][ T594] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 63.241092][ T594] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 63.250610][ T594] F2FS-fs (loop0): invalid crc value
[ 63.256944][ T594] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 594] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 594] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 594] ioctl(4, LOOP_CLR_FD) = 0
[pid 594] close(4) = 0
[pid 594] memfd_create("syzkaller", 0) = 4
[pid 594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 594] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 594] munmap(0x7f19eab8e000, 138412032) = 0
[pid 594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 594] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 594] ioctl(5, LOOP_CLR_FD) = 0
[pid 594] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 594] close(5) = 0
[pid 594] close(4) = 0
[pid 594] exit_group(0) = ?
[pid 594] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=594, si_uid=0, si_status=0, si_utime=3, si_stime=12} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./61/binderfs") = 0
[ 63.280805][ T594] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 63.287586][ T594] F2FS-fs (loop0): Start checkpoint disabled!
[ 63.294488][ T594] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 63.301621][ T594] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
umount2("./61/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./61/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./61/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./61/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 598
./strace-static-x86_64: Process 598 attached
[pid 598] set_robust_list(0x55557c94e660, 24) = 0
[pid 598] chdir("./62") = 0
[pid 598] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 598] setpgid(0, 0) = 0
[pid 598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 598] write(3, "1000", 4) = 4
[pid 598] close(3) = 0
[pid 598] symlink("/dev/binderfs", "./binderfs") = 0
[pid 598] write(1, "executing program\n", 18executing program
) = 18
[pid 598] memfd_create("syzkaller", 0) = 3
[pid 598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 598] munmap(0x7f19eab8e000, 138412032) = 0
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 598] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 598] close(3) = 0
[pid 598] close(4) = 0
[pid 598] mkdir("./bus", 0777) = 0
[ 63.538026][ T598] loop0: detected capacity change from 0 to 40427
[ 63.549401][ T598] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 63.558307][ T598] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 63.568442][ T598] F2FS-fs (loop0): invalid crc value
[ 63.574776][ T598] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 63.598526][ T598] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 63.606480][ T598] F2FS-fs (loop0): Start checkpoint disabled!
[ 63.613066][ T598] attempt to access beyond end of device
[ 63.613066][ T598] loop0: rw=2049, want=40968, limit=40427
[pid 598] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 598] ioctl(3, LOOP_CLR_FD) = 0
[pid 598] close(3) = 0
[pid 598] memfd_create("syzkaller", 0) = 3
[pid 598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 598] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 598] munmap(0x7f19eab8e000, 138412032) = 0
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 598] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 598] close(3) = 0
[pid 598] close(4) = 0
[pid 598] mkdir("./file0", 0777) = 0
[ 63.764938][ T598] loop0: detected capacity change from 0 to 1024
[pid 598] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 598] chdir("./file0") = 0
[pid 598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 598] ioctl(4, LOOP_CLR_FD) = 0
[pid 598] close(4) = 0
[pid 598] exit_group(0) = ?
[pid 598] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=598, si_uid=0, si_status=0, si_utime=1, si_stime=21} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./62/binderfs") = 0
umount2("./62/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./62/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./62/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/bus") = 0
[ 63.835249][ T598] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 603
./strace-static-x86_64: Process 603 attached
[pid 603] set_robust_list(0x55557c94e660, 24) = 0
[pid 603] chdir("./63") = 0
[pid 603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 603] setpgid(0, 0) = 0
[pid 603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 603] write(3, "1000", 4) = 4
[pid 603] close(3) = 0
[pid 603] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 603] write(1, "executing program\n", 18) = 18
[pid 603] memfd_create("syzkaller", 0) = 3
[pid 603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 603] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 603] munmap(0x7f19eab8e000, 138412032) = 0
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 603] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 603] close(3) = 0
[pid 603] close(4) = 0
[pid 603] mkdir("./bus", 0777) = 0
[ 64.080169][ T603] loop0: detected capacity change from 0 to 40427
[ 64.173338][ T603] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 64.180910][ T603] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 64.190571][ T603] F2FS-fs (loop0): invalid crc value
[ 64.197201][ T603] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 603] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 64.221788][ T603] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 64.228729][ T603] F2FS-fs (loop0): Start checkpoint disabled!
[ 64.234886][ T603] attempt to access beyond end of device
[ 64.234886][ T603] loop0: rw=2049, want=40968, limit=40427
[pid 603] ioctl(3, LOOP_CLR_FD) = 0
[pid 603] close(3) = 0
[pid 603] memfd_create("syzkaller", 0) = 3
[pid 603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 603] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 603] munmap(0x7f19eab8e000, 138412032) = 0
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 603] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 603] close(3) = 0
[pid 603] close(4) = 0
[pid 603] mkdir("./file0", 0777) = 0
[ 64.374398][ T603] loop0: detected capacity change from 0 to 1024
[pid 603] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 603] chdir("./file0") = 0
[pid 603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 603] ioctl(4, LOOP_CLR_FD) = 0
[pid 603] close(4) = 0
[pid 603] exit_group(0) = ?
[pid 603] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=603, si_uid=0, si_status=0, si_utime=3, si_stime=19} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./63/binderfs") = 0
umount2("./63/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./63/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./63/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/bus") = 0
[ 64.455204][ T603] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 608
./strace-static-x86_64: Process 608 attached
[pid 608] set_robust_list(0x55557c94e660, 24) = 0
[pid 608] chdir("./64") = 0
[pid 608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 608] setpgid(0, 0) = 0
[pid 608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 608] write(3, "1000", 4) = 4
[pid 608] close(3) = 0
[pid 608] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 608] write(1, "executing program\n", 18) = 18
[pid 608] memfd_create("syzkaller", 0) = 3
[pid 608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 608] munmap(0x7f19eab8e000, 138412032) = 0
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 608] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 608] close(3) = 0
[pid 608] close(4) = 0
[pid 608] mkdir("./bus", 0777) = 0
[ 64.632125][ T608] loop0: detected capacity change from 0 to 40427
[ 64.713425][ T608] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 64.721159][ T608] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 64.730362][ T608] F2FS-fs (loop0): invalid crc value
[ 64.736897][ T608] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 64.760988][ T608] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 64.769297][ T608] F2FS-fs (loop0): Start checkpoint disabled!
[ 64.776411][ T608] attempt to access beyond end of device
[ 64.776411][ T608] loop0: rw=2049, want=40968, limit=40427
[pid 608] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 608] ioctl(3, LOOP_CLR_FD) = 0
[pid 608] close(3) = 0
[pid 608] memfd_create("syzkaller", 0) = 3
[pid 608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 608] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 608] munmap(0x7f19eab8e000, 138412032) = 0
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 608] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 608] close(3) = 0
[pid 608] close(4) = 0
[pid 608] mkdir("./file0", 0777) = 0
[ 64.923443][ T608] loop0: detected capacity change from 0 to 1024
[pid 608] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 608] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 608] chdir("./file0") = 0
[pid 608] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 608] ioctl(4, LOOP_CLR_FD) = 0
[pid 608] close(4) = 0
[pid 608] exit_group(0) = ?
[pid 608] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=608, si_uid=0, si_status=0, si_utime=4, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./64/binderfs") = 0
umount2("./64/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./64/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./64/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/bus") = 0
[ 64.995219][ T608] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 613
./strace-static-x86_64: Process 613 attached
[pid 613] set_robust_list(0x55557c94e660, 24) = 0
[pid 613] chdir("./65") = 0
[pid 613] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 613] setpgid(0, 0) = 0
[pid 613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 613] write(3, "1000", 4) = 4
[pid 613] close(3) = 0
[pid 613] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 613] write(1, "executing program\n", 18) = 18
[pid 613] memfd_create("syzkaller", 0) = 3
[pid 613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 613] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 613] munmap(0x7f19eab8e000, 138412032) = 0
[pid 613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 613] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 613] close(3) = 0
[pid 613] close(4) = 0
[pid 613] mkdir("./bus", 0777) = 0
[ 65.184212][ T613] loop0: detected capacity change from 0 to 40427
[ 65.263399][ T613] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 65.271173][ T613] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 65.281371][ T613] F2FS-fs (loop0): invalid crc value
[ 65.288506][ T613] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 613] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 613] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 613] ioctl(4, LOOP_CLR_FD) = 0
[pid 613] close(4) = 0
[pid 613] memfd_create("syzkaller", 0) = 4
[pid 613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 613] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 613] munmap(0x7f19eab8e000, 138412032) = 0
[pid 613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 613] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 613] ioctl(5, LOOP_CLR_FD) = 0
[pid 613] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 613] close(5) = 0
[pid 613] close(4) = 0
[pid 613] exit_group(0) = ?
[pid 613] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=613, si_uid=0, si_status=0, si_utime=5, si_stime=14} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./65/binderfs") = 0
[ 65.327228][ T613] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 65.335354][ T613] F2FS-fs (loop0): Start checkpoint disabled!
[ 65.342651][ T613] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 65.350735][ T613] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
umount2("./65/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./65/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./65/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./65/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 617
./strace-static-x86_64: Process 617 attached
[pid 617] set_robust_list(0x55557c94e660, 24) = 0
[pid 617] chdir("./66") = 0
[pid 617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 617] setpgid(0, 0) = 0
[pid 617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 617] write(3, "1000", 4) = 4
[pid 617] close(3) = 0
[pid 617] symlink("/dev/binderfs", "./binderfs") = 0
[pid 617] write(1, "executing program\n", 18executing program
) = 18
[pid 617] memfd_create("syzkaller", 0) = 3
[pid 617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 617] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 617] munmap(0x7f19eab8e000, 138412032) = 0
[pid 617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 617] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 617] close(3) = 0
[pid 617] close(4) = 0
[pid 617] mkdir("./bus", 0777) = 0
[ 65.594469][ T617] loop0: detected capacity change from 0 to 40427
[ 65.693378][ T617] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 65.701150][ T617] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 65.710348][ T617] F2FS-fs (loop0): invalid crc value
[ 65.716782][ T617] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 617] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 617] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 617] ioctl(4, LOOP_CLR_FD) = 0
[pid 617] close(4) = 0
[pid 617] memfd_create("syzkaller", 0) = 4
[pid 617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 617] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 617] munmap(0x7f19eab8e000, 138412032) = 0
[pid 617] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 617] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 617] ioctl(5, LOOP_CLR_FD) = 0
[pid 617] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 617] close(5) = 0
[pid 617] close(4) = 0
[pid 617] exit_group(0) = ?
[pid 617] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=617, si_uid=0, si_status=0, si_utime=4, si_stime=10} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[ 65.740112][ T617] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 65.746621][ T617] F2FS-fs (loop0): Start checkpoint disabled!
[ 65.753499][ T617] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 65.760363][ T617] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
unlink("./66/binderfs") = 0
umount2("./66/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./66/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./66/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./66/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 622
./strace-static-x86_64: Process 622 attached
[pid 622] set_robust_list(0x55557c94e660, 24) = 0
[pid 622] chdir("./67") = 0
[pid 622] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 622] setpgid(0, 0) = 0
[pid 622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 622] write(3, "1000", 4) = 4
[pid 622] close(3) = 0
[pid 622] symlink("/dev/binderfs", "./binderfs") = 0
[pid 622] write(1, "executing program\n", 18executing program
) = 18
[pid 622] memfd_create("syzkaller", 0) = 3
[pid 622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 622] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 622] munmap(0x7f19eab8e000, 138412032) = 0
[pid 622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 622] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 622] close(3) = 0
[pid 622] close(4) = 0
[pid 622] mkdir("./bus", 0777) = 0
[ 65.996407][ T622] loop0: detected capacity change from 0 to 40427
[ 66.044492][ T622] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 66.052072][ T622] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 66.061144][ T622] F2FS-fs (loop0): invalid crc value
[ 66.067536][ T622] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 622] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = 0
[pid 622] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3
[pid 622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 622] ioctl(4, LOOP_CLR_FD) = 0
[pid 622] close(4) = 0
[pid 622] memfd_create("syzkaller", 0) = 4
[pid 622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 622] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 622] munmap(0x7f19eab8e000, 138412032) = 0
[pid 622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5
[pid 622] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 622] ioctl(5, LOOP_CLR_FD) = 0
[pid 622] ioctl(5, LOOP_SET_FD, 4) = -1 EBUSY (Device or resource busy)
[pid 622] close(5) = 0
[pid 622] close(4) = 0
[pid 622] exit_group(0) = ?
[pid 622] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=622, si_uid=0, si_status=0, si_utime=4, si_stime=13} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 4 entries */, 32768) = 104
umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./67/binderfs") = 0
[ 66.091106][ T622] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 66.097627][ T622] F2FS-fs (loop0): Start checkpoint disabled!
[ 66.104833][ T622] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 66.111772][ T622] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
umount2("./67/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./67/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./67/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./67/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./67/bus") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 626
./strace-static-x86_64: Process 626 attached
[pid 626] set_robust_list(0x55557c94e660, 24) = 0
[pid 626] chdir("./68") = 0
[pid 626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 626] setpgid(0, 0) = 0
[pid 626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 626] write(3, "1000", 4) = 4
[pid 626] close(3) = 0
[pid 626] symlink("/dev/binderfs", "./binderfs") = 0
[pid 626] write(1, "executing program\n", 18executing program
) = 18
[pid 626] memfd_create("syzkaller", 0) = 3
[pid 626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 626] munmap(0x7f19eab8e000, 138412032) = 0
[pid 626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 626] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 626] close(3) = 0
[pid 626] close(4) = 0
[pid 626] mkdir("./bus", 0777) = 0
[ 66.384279][ T626] loop0: detected capacity change from 0 to 40427
[ 66.434851][ T626] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 66.442426][ T626] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 66.451367][ T626] F2FS-fs (loop0): invalid crc value
[ 66.457746][ T626] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[ 66.483491][ T626] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 66.490817][ T626] F2FS-fs (loop0): Start checkpoint disabled!
[ 66.497328][ T626] attempt to access beyond end of device
[ 66.497328][ T626] loop0: rw=2049, want=40968, limit=40427
[pid 626] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[pid 626] ioctl(3, LOOP_CLR_FD) = 0
[pid 626] close(3) = 0
[pid 626] memfd_create("syzkaller", 0) = 3
[pid 626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 626] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 626] munmap(0x7f19eab8e000, 138412032) = 0
[pid 626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 626] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 626] close(3) = 0
[pid 626] close(4) = 0
[pid 626] mkdir("./file0", 0777) = 0
[ 66.643923][ T626] loop0: detected capacity change from 0 to 1024
[pid 626] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 626] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 626] chdir("./file0") = 0
[pid 626] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 626] ioctl(4, LOOP_CLR_FD) = 0
[pid 626] close(4) = 0
[pid 626] exit_group(0) = ?
[pid 626] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=626, si_uid=0, si_status=0, si_utime=4, si_stime=16} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x55557c94f6f0 /* 5 entries */, 32768) = 136
umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./68/binderfs") = 0
umount2("./68/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./68/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./68/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/bus") = 0
[ 66.725788][ T626] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x55557c957730 /* 2 entries */, 32768) = 48
getdents64(4, 0x55557c957730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x55557c94f6f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557c94e650) = 632
./strace-static-x86_64: Process 632 attached
[pid 632] set_robust_list(0x55557c94e660, 24) = 0
[pid 632] chdir("./69") = 0
[pid 632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 632] setpgid(0, 0) = 0
[pid 632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 632] write(3, "1000", 4) = 4
[pid 632] close(3) = 0
[pid 632] symlink("/dev/binderfs", "./binderfs") = 0
[pid 632] write(1, "executing program\n", 18) = 18
[pid 632] memfd_create("syzkaller", 0) = 3
[pid 632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 20699119) = 20699119
[pid 632] munmap(0x7f19eab8e000, 138412032) = 0
[pid 632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 632] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 632] close(3) = 0
[pid 632] close(4) = 0
[pid 632] mkdir("./bus", 0777) = 0
[ 66.956570][ T632] loop0: detected capacity change from 0 to 40427
[ 67.053423][ T632] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(15) root(3)
[ 67.061196][ T632] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 67.070177][ T632] F2FS-fs (loop0): invalid crc value
[ 67.076805][ T632] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045588246331391)
[pid 632] mount("/dev/loop0", "./bus", "f2fs", MS_NOEXEC, "discard_unit=section,alloc_mode=reuse,checkpoint=disable,active_logs=6,active_logs=6,jqfmt=vfsv0,noa"...) = -1 EIO (Input/output error)
[pid 632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 67.102316][ T632] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[ 67.109477][ T632] F2FS-fs (loop0): Start checkpoint disabled!
[ 67.115739][ T632] attempt to access beyond end of device
[ 67.115739][ T632] loop0: rw=2049, want=40968, limit=40427
[pid 632] ioctl(3, LOOP_CLR_FD) = 0
[pid 632] close(3) = 0
[pid 632] memfd_create("syzkaller", 0) = 3
[pid 632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f19eab8e000
[pid 632] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
[pid 632] munmap(0x7f19eab8e000, 138412032) = 0
[pid 632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 632] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 632] close(3) = 0
[pid 632] close(4) = 0
[pid 632] mkdir("./file0", 0777) = 0
[ 67.247863][ T632] loop0: detected capacity change from 0 to 1024
[pid 632] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 632] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 632] chdir("./file0") = 0
[pid 632] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 632] ioctl(4, LOOP_CLR_FD) = 0
[pid 632] close(4) = 0
[pid 632] exit_group(0) = ?
[pid 632] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=632, si_uid=0, si_status=0, si_utime=5, si_stime=18} ---